CVE-2016-1443

Published Jul 7, 2016

Last updated 5 years ago

CVSS high 8.1

Overview

Description: The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote attackers to bypass a sandbox protection mechanism, and consequently obtain sensitive interprocess information or modify interprocess data, via a crafted malware sample.
Source: ykramarz@cisco.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.1
Impact score: 5.9
Exploitability score: 2.2
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-254

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E7BF740-0A6B-4CF3-AAF2-82639DD1FC1C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21A3E4A7-575A-4905-A7DE-ED7CC271C639"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67A01851-3BCF-478A-A7E3-4AA806ED7035"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:1.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D613E3D-F0B3-487D-B419-8741AB101417"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AA1940D-A59C-4486-80C0-E8C4BD877DF7"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C303ED7C-BE13-4753-A2D8-68161A2312D9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:1.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84C8A220-4DD3-4417-90C8-3F92BA98175F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:1.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A14A27F0-090F-4A92-8B8E-2AFBBFF99A95"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:1.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49BC08DF-E7FB-49E4-B69F-81456DCB6F2A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:1.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "501A2CB3-36C2-4526-BAE8-267481510A7A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:1.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D675FFB-2A52-466A-B352-0A861C26F853"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:1.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D84A018C-1B8A-471B-94C6-B1EDF35F2013"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2338A78-9ED8-41A6-B725-77207ED0ED5A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB6177F2-8C73-4843-B31D-C869D5A2748F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BAAC6654-0C3D-4FF0-B449-B70FAB92119C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29699833-1198-48C7-BB1D-86C4DA87323B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59C978F6-AD1D-466C-A402-1BA3AAFCFD4A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:amp_threat_grid_appliance:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD0D0717-6CEB-4AF0-AB54-6D19726AC605"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References