CVE-2016-1366

The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service (overwrite) via unspecified vectors, aka Bug ID CSCuw75848.

CVSS v3 6.5 MEDIUM
CVSS v2.0 6.8 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector : AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:N/I:C/A:N

Exploitability : 8.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact COMPLETE

Availability Impact NONE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs	Vendor Advisory
http://www.securitytracker.com/id/1035407
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs	Vendor Advisory
http://www.securitytracker.com/id/1035407

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:ios_xr:5.0.0:::::::*
	cpe:2.3:o:cisco:ios_xr:5.0.1:::::::*
	cpe:2.3:o:cisco:ios_xr:5.2.1:::::::*
	cpe:2.3:o:cisco:ios_xr:5.2.3:::::::*
	cpe:2.3:o:cisco:ios_xr:5.2.4:::::::*
	cpe:2.3:o:cisco:ios_xr:5.2.5:::::::*

History

21 Nov 2024, 02:46

Type	Values Removed	Values Added
References	~~() http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs - Vendor Advisory~~	() http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs - Vendor Advisory
References	~~() http://www.securitytracker.com/id/1035407 -~~	() http://www.securitytracker.com/id/1035407 -

Information

Published : 2016-03-24 22:59

Updated : 2024-11-21 02:46

NVD link : CVE-2016-1366

Mitre link : CVE-2016-1366

CVE.ORG link : CVE-2016-1366

JSON object : View

Products Affected

cisco

ios_xr

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2016-1366", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:C/A:N", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2016-03-24T22:59:00.953", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1035407", "source": "ykramarz@cisco.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1035407", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service (overwrite) via unspecified vectors, aka Bug ID CSCuw75848."}, {"lang": "es", "value": "Los m\u00f3dulos SCP y SFTP en Cisco IOS XR 5.0.0 hasta la versi\u00f3n 5.2.5 en dispositivos Network Convergence System 6000 utilizan permisos d\u00e9biles para archivos de sistema, lo que permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (sobrescritura) a trav\u00e9s de vectores no especificados, tambi\u00e9n conocida como Bug ID CSCuw75848."}], "lastModified": "2024-11-21T02:46:15.953", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xr:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7620A88-C4B3-4184-846F-1E3FD8A751EB"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96BFB5A5-EF04-4334-9A62-558A375DE768"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95175A2E-14DB-4730-93EA-2291ED7E0DFC"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5EFC65A-C469-4267-9C0B-DD25E2E8C0F4"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7DABC2A4-B161-4597-B053-0ECEFCCDD89F"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0B5C0F4-1BEC-4B54-ABF0-948CFF80E5E0"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}