CVE-2016-1295

Published Jan 16, 2016

Last updated 2 years ago

CVSS medium 5.3

Overview

Description: Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775.
Source: ykramarz@cisco.com
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 5.3
Impact score: 1.4
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA1C5485-EAF4-4F4D-AFA1-E105F433665E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "989F9AC4-C2D1-49A0-95C3-79A4EB827E07"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BFE2E079-D7AC-4FE9-8938-A75C12AF5CA4"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B442C852-2465-4EA8-A977-1F10A4CE23AA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6DB6ED4-3095-46C1-9CB6-2975A7B05303"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE68CD8E-B9CF-4519-8B0E-4C4488B34887"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D762C9A7-005C-44FD-9BB2-7A1DD4EBE90B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE0B1212-87F3-46E5-B14A-C0C6BBAAAC98"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "518D4826-06B0-4DDC-B082-A536418FD292"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E343DE08-58FA-4C39-99F9-8CB5F57D0CD8"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76363698-DB62-4D92-8EE4-069891A9F92C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6159BEE3-D097-4E07-9962-06DB740E2AE3"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD606591-F69A-47AD-9256-20B98CA16135"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4EF3895-F372-45D3-9C7D-15F5C4712D08"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DC5960D-B917-4ABA-850F-A710676ACB40"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B746A138-6650-49A3-87C8-3728FE5CF215"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E50C2A13-5A8B-4FA5-ABB8-1157E560503B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "909F9D55-9276-4CF1-BC63-7CEEF8F25C21"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F383D276-D5EC-4335-AC09-9D30F6443AF0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39C2A7FF-6AC3-42B5-954A-9AA5950C523A"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D7F36A8-C291-423D-AF28-56AAD8D0F712"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C2009F4-F832-49D6-8346-54A7328BD93B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9221DD4-498A-4867-B647-47E42299CE45"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B839A425-E08C-41B1-9270-E177E40B1E27"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F4DDF53-0995-4971-A980-30FD15A40C78"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.29:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F3BD921-A58A-47EB-B90D-21C3A5D02D40"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References