CVE-2016-1345

Published Apr 1, 2016

Last updated 8 years ago

Overview

Description: Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726.
Source: ykramarz@cisco.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-20

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8C72F82-238A-496E-9B01-F545889DE972"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1AB63124-15FC-434A-9BC3-B8072BB74DD4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7FC9D5C8-A2F7-4A4D-9672-BA92D3F70299"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3162DAB2-0866-4427-9B6D-58B025DFD0F0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C51E5901-A395-4208-B642-4DD23A6B63A2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B6488E2-4B6A-4C93-A9CF-AA32013A1605"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08314129-10D6-421C-AEE1-348460EBDD0C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:6.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2239F826-AAFA-4354-9BED-2C33AEF983D8"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:6.0.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0275E2F5-30EF-4D0D-A0CC-BFEB0B97E378"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EB13B96-D431-49BD-ADAB-9AE5DB559935"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79AECC9E-657F-4BFF-B640-B96CD1384647"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2424A93-0C9D-4839-9773-EBFD143F6240"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C27E220F-160C-4706-9516-27889F7B37E2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9CB0484C-F0B7-4349-856E-194E97A7F8A6"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FD5721D-8F28-4A7C-B2BE-97CE796B208A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85DEC2B7-2142-4959-817F-2F9B3AA82660"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7DC251B-1CA8-4232-A900-885933E01FB1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD0DF530-4865-45A1-87CA-6ED6026A56A6"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7335266F-B16F-4EFB-B1D2-1F61B3EBB437"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13BF9C6F-B511-444B-B6B7-960DF8758964"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55D52DB0-4441-41C9-900E-DE917B0CBC91"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D032900-6B00-4F4D-A2F7-6119F113675F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC5565FE-174C-41C7-9462-9138BB31507D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Configurations

References