CVE-2016-1301
Published Feb 7, 2016
Last updated 8 years ago
Overview
- Description
- The RBAC implementation in Cisco ASA-CX Content-Aware Security software before 9.3.1.1(112) and Cisco Prime Security Manager (PRSM) software before 9.3.1.1(112) allows remote authenticated users to change arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuo94842.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 8.5
- Impact score
- 10
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-284
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E288E19-D13C-4E66-92C4-832E6151BE03"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.0.1-40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2AB78A0-939D-47F4-9F8A-E8D337FB852E"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.0.2-68:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B057253B-3199-490D-8B16-4F6AC3187147"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3B5ADAD-E627-4D08-B50A-A3251BE025AC"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.1.2-29:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "308EBED0-E069-4B8D-BE7B-5FB3940491FA"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.1.2-42:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "657AC52E-EF40-49D9-A0F9-F9BDA8A67B4D"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.1.3-8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7FBB326-9011-434D-B142-5C6B1F422442"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.1.3-10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "91D0E148-44D5-4A48-B33B-E5D891AC7F56"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.1.3-13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D123EB5-1B8F-484B-818D-FD221E7531FA"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "955A92B5-5618-4046-888C-76B996F70FE3"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.2.1-1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB3F163F-4C7F-462A-8229-1D98C85B7D59"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.2.1-2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DEDE8C4C-846A-41FA-998D-58802A3D7F49"
},
{
"criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EBC9743A-641F-4F0A-97FC-5DF8B0333222"
},
{
"criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.1-40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7F990CF-B6DD-4EE3-B45D-CE4B1110A6DB"
},
{
"criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A81A0E90-9200-436C-81BC-FA4BF745EEDB"
},
{
"criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.2-68:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "13B6FFEA-4F46-4D20-9821-FE32B57F6145"
},
{
"criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0_base:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8068EA1D-6AD6-4BF3-AA1F-C8AD0BC8F298"
},
{
"criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.2-29:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6A4AE8C1-9BD1-491A-9835-D95F4D90F496"
},
{
"criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.2-42:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0710827-10AD-4DE9-BB0F-B4D072DDC8DA"
},
{
"criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.3-8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96F09A7A-9A3D-4D73-912A-2B01CEABEFBA"
},
{
"criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.3-10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0AA36AEA-6516-41DD-90D3-0504A4CB5231"
},
{
"criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.3-13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68C47683-C68B-4B84-80F6-FDFF9156991C"
},
{
"criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.1-1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEFA5ADA-E573-447B-AFD9-E37682B57BD9"
},
{
"criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.1-2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1359CC7F-628F-44EB-B36D-FF1210E227B2"
},
{
"criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.1-3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16E7AFAD-3A1D-4244-AA61-85B430E8D51C"
},
{
"criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.1-4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AC110506-3E7F-4DD9-99D2-6E04F1E65D29"
}
],
"operator": "OR"
}
]
}
]