CVE-2016-9193

{"id": "CVE-2016-9193", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2016-12-14T00:59:16.973", "references": [{"url": "http://www.securityfocus.com/bid/94801", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1037421", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepower", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management Center and FireSIGHT System Software are affected when they are configured to use a file policy that has the Block Malware action. More Information: CSCvb27494. Known Affected Releases: 6.0.1.1 6.1.0."}, {"lang": "es", "value": "Una vulnerabilidad en las caracter\u00edsticas de detecci\u00f3n y bloqueo de archivos maliciosos de Cisco Firepower Management Center y Cisco FireSIGHT System Software podr\u00eda permitir a un atacante remoto no autenticado eludir los mecanismos de detecci\u00f3n de malware en un dispositivo afectado. Productos Afectados: Cisco Firepower Management Center y FireSIGHT System Software son afectados cuando est\u00e1n configurados para utilizar una pol\u00edtica de archivos con la acci\u00f3n Block Malware. M\u00e1s Informaci\u00f3n: CSCvb27494. Lanzamientos Afectados Conocidos: 6.0.1.1 6.1.0."}], "lastModified": "2016-12-23T04:27:58.567", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_management_center:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6FFC36B-7EC9-48C2-87B0-E267EBF04779"}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:6.0.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DF15BD2-9D69-49E2-9454-08DE3BCBC009"}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:6.0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67F35B60-ED13-488D-B53C-35DBC27563E6"}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5C15D62-A995-4AEC-BB9C-6CFE3104902D"}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:6.0.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBFFEDBD-D761-4529-808C-6770E5ADF3CE"}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:6.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AC1B12A-A2EC-4C24-AEBC-944AE2939458"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55D52DB0-4441-41C9-900E-DE917B0CBC91"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB492B2E-2CE6-4D29-9D82-D40A2B9508B8"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D032900-6B00-4F4D-A2F7-6119F113675F"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC5565FE-174C-41C7-9462-9138BB31507D"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B764E48A-C748-4451-8E81-DD8B62B4BA9B"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "362E320D-70E9-4B51-9298-ADF612FD440F"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}