CVE-2016-6449

A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAMP processes without requiring a password. Stopping certain critical processes could cause a denial of service (DoS) condition, and certain security features could no longer be available. More Information: CSCvb40597. Known Affected Releases: 1.

CVSS v3 7.8 HIGH
CVSS v2.0 4.6 MEDIUM

7.8^/10

CVSS v3 : HIGH

Vector : AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/94814
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-fireamp	Vendor Advisory
http://www.securityfocus.com/bid/94814
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-fireamp	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:fireamp_connector_endpoint_software:4.4.0:::::::*
	cpe:2.3:a:cisco:fireamp_connector_endpoint_software:4.4.2.10200:::::::*

History

21 Nov 2024, 02:56

Type	Values Removed	Values Added
References	~~() http://www.securityfocus.com/bid/94814 -~~	() http://www.securityfocus.com/bid/94814 -
References	~~() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-fireamp - Vendor Advisory~~	() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-fireamp - Vendor Advisory

Information

Published : 2016-12-14 00:59

Updated : 2024-11-21 02:56

NVD link : CVE-2016-6449

Mitre link : CVE-2016-6449

CVE.ORG link : CVE-2016-6449

JSON object : View

Products Affected

cisco

fireamp_connector_endpoint_software

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2016-6449", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2016-12-14T00:59:01.610", "references": [{"url": "http://www.securityfocus.com/bid/94814", "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-fireamp", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/94814", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-fireamp", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAMP processes without requiring a password. Stopping certain critical processes could cause a denial of service (DoS) condition, and certain security features could no longer be available. More Information: CSCvb40597. Known Affected Releases: 1."}, {"lang": "es", "value": "Una vulnerabilidad en el sistema de administraci\u00f3n de ciertos procesos de sistema FireAMP en el software Cisco FireAMP Connector Endpoint puede permitir a un atacante local no autenticado parar ciertos procesos de protecci\u00f3n FireAMP sin que se requiera una contrase\u00f1a. La parada de ciertos procesos cr\u00edticos pueden provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) y ciertas funciones de seguridad podr\u00edan no estar disponibles M\u00e1s informaci\u00f3n: CSCvb40597. Lanzamientos Afectados Conocidos: 1."}], "lastModified": "2024-11-21T02:56:09.337", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:fireamp_connector_endpoint_software:4.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "260D02EF-FBD0-4226-AB60-CE39DC0879C1"}, {"criteria": "cpe:2.3:a:cisco:fireamp_connector_endpoint_software:4.4.2.10200:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C9AB74D-5A31-471A-8AB1-4EF767B0B03B"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}