CVE-2016-1345

Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp	Vendor Advisory
http://www.securitytracker.com/id/1035437
http://www.securitytracker.com/id/1035438
http://www.securitytracker.com/id/1035439
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp	Vendor Advisory
http://www.securitytracker.com/id/1035437
http://www.securitytracker.com/id/1035438
http://www.securitytracker.com/id/1035439

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0:::::::*
	cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.1:::::::*
	cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.2:::::::*
	cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.3:::::::*
	cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.4:::::::*
	cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.5:::::::*
	cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.6:::::::*
	cpe:2.3:a:cisco:asa_with_firepower_services:6.0.0:::::::*
	cpe:2.3:a:cisco:asa_with_firepower_services:6.0.0.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.0:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.0.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.0.2:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.0.3:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.0.4:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.0.5:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.0.6:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.1.2:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.1.3:::::::*
	cpe:2.3:a:cisco:firesight_system_software:5.4.1.4:::::::*
	cpe:2.3:a:cisco:firesight_system_software:6.0.0:::::::*
	cpe:2.3:a:cisco:firesight_system_software:6.0.0.1:::::::*
	cpe:2.3:a:cisco:firesight_system_software:6.0.1:::::::*

History

21 Nov 2024, 02:46

Type	Values Removed	Values Added
References	~~() http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp - Vendor Advisory~~	() http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp - Vendor Advisory
References	~~() http://www.securitytracker.com/id/1035437 -~~	() http://www.securitytracker.com/id/1035437 -
References	~~() http://www.securitytracker.com/id/1035438 -~~	() http://www.securitytracker.com/id/1035438 -
References	~~() http://www.securitytracker.com/id/1035439 -~~	() http://www.securitytracker.com/id/1035439 -

Information

Published : 2016-04-01 00:59

Updated : 2025-04-12 10:46

NVD link : CVE-2016-1345

Mitre link : CVE-2016-1345

CVE.ORG link : CVE-2016-1345

JSON object : View

Products Affected

cisco

asa_with_firepower_services
firesight_system_software

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2016-1345", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2016-04-01T00:59:00.113", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp", "tags": ["Vendor Advisory"], "source": "psirt@cisco.com"}, {"url": "http://www.securitytracker.com/id/1035437", "source": "psirt@cisco.com"}, {"url": "http://www.securitytracker.com/id/1035438", "source": "psirt@cisco.com"}, {"url": "http://www.securitytracker.com/id/1035439", "source": "psirt@cisco.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1035437", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1035438", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1035439", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726."}, {"lang": "es", "value": "Cisco FireSIGHT System Software 5.4.0 hasta la versi\u00f3n 6.0.1 y ASA con FirePOWER Services 5.4.0 hasta la versi\u00f3n 6.0.0.1 permiten a atacantes remotos eludir la protecci\u00f3n de malware a trav\u00e9s de campos manipulados en cabeceras HTTP, tambi\u00e9n conocida como Bug ID CSCux22726."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8C72F82-238A-496E-9B01-F545889DE972"}, {"criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AB63124-15FC-434A-9BC3-B8072BB74DD4"}, {"criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FC9D5C8-A2F7-4A4D-9672-BA92D3F70299"}, {"criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3162DAB2-0866-4427-9B6D-58B025DFD0F0"}, {"criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C51E5901-A395-4208-B642-4DD23A6B63A2"}, {"criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B6488E2-4B6A-4C93-A9CF-AA32013A1605"}, {"criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08314129-10D6-421C-AEE1-348460EBDD0C"}, {"criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2239F826-AAFA-4354-9BED-2C33AEF983D8"}, {"criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:6.0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0275E2F5-30EF-4D0D-A0CC-BFEB0B97E378"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EB13B96-D431-49BD-ADAB-9AE5DB559935"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79AECC9E-657F-4BFF-B640-B96CD1384647"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2424A93-0C9D-4839-9773-EBFD143F6240"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C27E220F-160C-4706-9516-27889F7B37E2"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CB0484C-F0B7-4349-856E-194E97A7F8A6"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FD5721D-8F28-4A7C-B2BE-97CE796B208A"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85DEC2B7-2142-4959-817F-2F9B3AA82660"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7DC251B-1CA8-4232-A900-885933E01FB1"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD0DF530-4865-45A1-87CA-6ED6026A56A6"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7335266F-B16F-4EFB-B1D2-1F61B3EBB437"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13BF9C6F-B511-444B-B6B7-960DF8758964"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55D52DB0-4441-41C9-900E-DE917B0CBC91"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D032900-6B00-4F4D-A2F7-6119F113675F"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC5565FE-174C-41C7-9462-9138BB31507D"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@cisco.com"}

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2016-1345

7.5^/10

5.0^/10

Attach tags to `CVE-2016-1345`