CVE-2016-1463

{"id": "CVE-2016-1463", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2016-07-28T01:59:43.760", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/92152", "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1036471", "source": "ykramarz@cisco.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/92152", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1036471", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737."}, {"lang": "es", "value": "Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0 y 6.0.1 permite a atacantes remotos eludir reglas Snort a trav\u00e9s de par\u00e1metros manipulados en la cabecera de un paquete HTTP, tambi\u00e9n conocido como Bug ID CSCuz20737."}], "lastModified": "2024-11-21T02:46:29.463", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1049BCE-4A7B-4636-9090-17724D5AFBA4"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BEF2B98-243F-4796-A98C-A978C4CCAD91"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EB13B96-D431-49BD-ADAB-9AE5DB559935"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55D52DB0-4441-41C9-900E-DE917B0CBC91"}, {"criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC5565FE-174C-41C7-9462-9138BB31507D"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}