CVE-2016-6367 — HIGH (7.8) — White Hats Nepal

Q: How severe is CVE-2016-6367?

CVE-2016-6367 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2016-6367?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Adaptive Security Appliance Software, Cisco Asa 5500, Cisco Asa 5500-X, Cisco Asa 5500 Csc-Ssm, Cisco Asa 5505.

Vulnerability Description

Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Cisco	Adaptive Security Appliance Software	>= 7.2.0, < 8.4\(3\)
Cisco	Asa 5500	-
Cisco	Asa 5500-X	-
Cisco	Asa 5500 Csc-Ssm	-
Cisco	Asa 5505	-
Cisco	Asa 5506-X	-
Cisco	Asa 5506H-X	-
Cisco	Asa 5506W-X	-
Cisco	Asa 5508-X	-
Cisco	Asa 5510	-
Cisco	Asa 5512-X	-
Cisco	Asa 5515-X	-
Cisco	Asa 5516-X	-
Cisco	Asa 5520	-
Cisco	Asa 5525-X	-
Cisco	Asa 5540	-
Cisco	Asa 5545-X	-
Cisco	Asa 5550	-
Cisco	Asa 5555-X	-
Cisco	Asa 5580	-

Related Weaknesses (CWE)

CWE-77

References

http://blogs.cisco.com/security/shadow-brokersExploitPress/Media CoverageVendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516Vendor Advisory
http://www.securityfocus.com/bid/92520Broken LinkThird Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1036636Broken LinkThird Party AdvisoryVDB Entry
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/spBroken LinkExploit
https://www.exploit-db.com/exploits/40271/Third Party AdvisoryVDB Entry
http://blogs.cisco.com/security/shadow-brokersExploitPress/Media CoverageVendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516Vendor Advisory
http://www.securityfocus.com/bid/92520Broken LinkThird Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1036636Broken LinkThird Party AdvisoryVDB Entry
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/spBroken LinkExploit
https://www.exploit-db.com/exploits/40271/Third Party AdvisoryVDB Entry
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-US Government Resource

FAQ

What is CVE-2016-6367?

CVE-2016-6367 is a vulnerability with a CVSS score of 7.8 (HIGH). Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or E...

How severe is CVE-2016-6367?

CVE-2016-6367 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-6367?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Adaptive Security Appliance Software, Cisco Asa 5500, Cisco Asa 5500-X, Cisco Asa 5500 Csc-Ssm, Cisco Asa 5505.