Lucene search

CiscoCVE-2016-6431

HistoryOct 27, 2016 - 9:59 p.m.

CVE-2016-6431

2016-10-2721:59:05

CWE-20

cisco

web.nvd.nist.gov

cisco asa

vulnerability

remote attacker

system reload

crafted packets

certificate authority

https

nvd

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.003

Percentile

65.6%

JSON

A vulnerability in the local Certificate Authority (CA) feature of Cisco ASA Software before 9.6(1.5) could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper handling of crafted packets during the enrollment operation. An attacker could exploit this vulnerability by sending a crafted enrollment request to the affected system. An exploit could allow the attacker to cause the reload of the affected system. Note: Only HTTPS packets directed to the Cisco ASA interface, where the local CA is allowing user enrollment, can be used to trigger this vulnerability. This vulnerability affects systems configured in routed firewall mode and in single or multiple context mode.

Affected configurations

Nvd

Node

ciscoadaptive_security_appliance_softwareMatch8.0.2.11

ciscoadaptive_security_appliance_softwareMatch8.0.2.15

ciscoadaptive_security_appliance_softwareMatch8.0.3

ciscoadaptive_security_appliance_softwareMatch8.0.3.6

ciscoadaptive_security_appliance_softwareMatch8.0.3.12

ciscoadaptive_security_appliance_softwareMatch8.0.3.19

ciscoadaptive_security_appliance_softwareMatch8.0.4

ciscoadaptive_security_appliance_softwareMatch8.0.4.3

ciscoadaptive_security_appliance_softwareMatch8.0.4.9

ciscoadaptive_security_appliance_softwareMatch8.0.4.16

ciscoadaptive_security_appliance_softwareMatch8.0.4.23

ciscoadaptive_security_appliance_softwareMatch8.0.4.25

ciscoadaptive_security_appliance_softwareMatch8.0.4.28

ciscoadaptive_security_appliance_softwareMatch8.0.4.31

ciscoadaptive_security_appliance_softwareMatch8.0.4.32

ciscoadaptive_security_appliance_softwareMatch8.0.4.33

ciscoadaptive_security_appliance_softwareMatch8.0.5

ciscoadaptive_security_appliance_softwareMatch8.0.5.20

ciscoadaptive_security_appliance_softwareMatch8.0.5.23

ciscoadaptive_security_appliance_softwareMatch8.0.5.25

ciscoadaptive_security_appliance_softwareMatch8.0.5.27

ciscoadaptive_security_appliance_softwareMatch8.0.5.28

ciscoadaptive_security_appliance_softwareMatch8.0.5.31

ciscoadaptive_security_appliance_softwareMatch8.1.0.104

ciscoadaptive_security_appliance_softwareMatch8.1.1

ciscoadaptive_security_appliance_softwareMatch8.1.1.6

ciscoadaptive_security_appliance_softwareMatch8.1.2

ciscoadaptive_security_appliance_softwareMatch8.1.2.13

ciscoadaptive_security_appliance_softwareMatch8.1.2.15

ciscoadaptive_security_appliance_softwareMatch8.1.2.16

ciscoadaptive_security_appliance_softwareMatch8.1.2.19

ciscoadaptive_security_appliance_softwareMatch8.1.2.23

ciscoadaptive_security_appliance_softwareMatch8.1.2.24

ciscoadaptive_security_appliance_softwareMatch8.1.2.49

ciscoadaptive_security_appliance_softwareMatch8.1.2.50

ciscoadaptive_security_appliance_softwareMatch8.1.2.55

ciscoadaptive_security_appliance_softwareMatch8.1.2.56

ciscoadaptive_security_appliance_softwareMatch8.2.0.45

ciscoadaptive_security_appliance_softwareMatch8.2.1

ciscoadaptive_security_appliance_softwareMatch8.2.1.11

ciscoadaptive_security_appliance_softwareMatch8.2.2

ciscoadaptive_security_appliance_softwareMatch8.2.2.9

ciscoadaptive_security_appliance_softwareMatch8.2.2.10

ciscoadaptive_security_appliance_softwareMatch8.2.2.12

ciscoadaptive_security_appliance_softwareMatch8.2.2.16

ciscoadaptive_security_appliance_softwareMatch8.2.2.17

ciscoadaptive_security_appliance_softwareMatch8.2.3

ciscoadaptive_security_appliance_softwareMatch8.2.4

ciscoadaptive_security_appliance_softwareMatch8.2.4.1

ciscoadaptive_security_appliance_softwareMatch8.2.4.4

ciscoadaptive_security_appliance_softwareMatch8.2.5

ciscoadaptive_security_appliance_softwareMatch8.2.5.13

ciscoadaptive_security_appliance_softwareMatch8.2.5.22

ciscoadaptive_security_appliance_softwareMatch8.2.5.26

ciscoadaptive_security_appliance_softwareMatch8.2.5.33

ciscoadaptive_security_appliance_softwareMatch8.2.5.40

ciscoadaptive_security_appliance_softwareMatch8.2.5.41

ciscoadaptive_security_appliance_softwareMatch8.2.5.46

ciscoadaptive_security_appliance_softwareMatch8.2.5.48

ciscoadaptive_security_appliance_softwareMatch8.2.5.50

ciscoadaptive_security_appliance_softwareMatch8.2.5.52

ciscoadaptive_security_appliance_softwareMatch8.2.5.55

ciscoadaptive_security_appliance_softwareMatch8.2.5.57

ciscoadaptive_security_appliance_softwareMatch8.2.5.59

ciscoadaptive_security_appliance_softwareMatch8.3.1

ciscoadaptive_security_appliance_softwareMatch8.3.1.1

ciscoadaptive_security_appliance_softwareMatch8.3.1.4

ciscoadaptive_security_appliance_softwareMatch8.3.1.6

ciscoadaptive_security_appliance_softwareMatch8.3.2

ciscoadaptive_security_appliance_softwareMatch8.3.2.4

ciscoadaptive_security_appliance_softwareMatch8.3.2.13

ciscoadaptive_security_appliance_softwareMatch8.3.2.23

ciscoadaptive_security_appliance_softwareMatch8.3.2.25

ciscoadaptive_security_appliance_softwareMatch8.3.2.31

ciscoadaptive_security_appliance_softwareMatch8.3.2.33

ciscoadaptive_security_appliance_softwareMatch8.3.2.34

ciscoadaptive_security_appliance_softwareMatch8.3.2.37

ciscoadaptive_security_appliance_softwareMatch8.3.2.39

ciscoadaptive_security_appliance_softwareMatch8.3.2.40

ciscoadaptive_security_appliance_softwareMatch8.3.2.41

ciscoadaptive_security_appliance_softwareMatch8.3.2.44

ciscoadaptive_security_appliance_softwareMatch8.4.0

ciscoadaptive_security_appliance_softwareMatch8.4.1

ciscoadaptive_security_appliance_softwareMatch8.4.1.3

ciscoadaptive_security_appliance_softwareMatch8.4.1.11

ciscoadaptive_security_appliance_softwareMatch8.4.2

ciscoadaptive_security_appliance_softwareMatch8.4.2.1

ciscoadaptive_security_appliance_softwareMatch8.4.2.8

ciscoadaptive_security_appliance_softwareMatch8.4.3

ciscoadaptive_security_appliance_softwareMatch8.4.3.8

ciscoadaptive_security_appliance_softwareMatch8.4.3.9

ciscoadaptive_security_appliance_softwareMatch8.4.4

ciscoadaptive_security_appliance_softwareMatch8.4.4.1

ciscoadaptive_security_appliance_softwareMatch8.4.4.3

ciscoadaptive_security_appliance_softwareMatch8.4.4.5

ciscoadaptive_security_appliance_softwareMatch8.4.4.9

ciscoadaptive_security_appliance_softwareMatch8.4.5

ciscoadaptive_security_appliance_softwareMatch8.4.5.6

ciscoadaptive_security_appliance_softwareMatch8.4.6

ciscoadaptive_security_appliance_softwareMatch8.4.7

ciscoadaptive_security_appliance_softwareMatch8.4.7.3

ciscoadaptive_security_appliance_softwareMatch8.4.7.15

ciscoadaptive_security_appliance_softwareMatch8.4.7.22

ciscoadaptive_security_appliance_softwareMatch8.4.7.23

ciscoadaptive_security_appliance_softwareMatch8.4.7.26

ciscoadaptive_security_appliance_softwareMatch8.4.7.28

ciscoadaptive_security_appliance_softwareMatch8.4.7.29

ciscoadaptive_security_appliance_softwareMatch8.6.1

ciscoadaptive_security_appliance_softwareMatch8.6.1.1

ciscoadaptive_security_appliance_softwareMatch8.6.1.2

ciscoadaptive_security_appliance_softwareMatch8.6.1.5

ciscoadaptive_security_appliance_softwareMatch8.6.1.10

ciscoadaptive_security_appliance_softwareMatch8.6.1.12

ciscoadaptive_security_appliance_softwareMatch8.6.1.13

ciscoadaptive_security_appliance_softwareMatch8.6.1.14

ciscoadaptive_security_appliance_softwareMatch8.6.1.17

ciscoadaptive_security_appliance_softwareMatch9.0.1

ciscoadaptive_security_appliance_softwareMatch9.0.2

ciscoadaptive_security_appliance_softwareMatch9.0.2.10

ciscoadaptive_security_appliance_softwareMatch9.0.3

ciscoadaptive_security_appliance_softwareMatch9.0.3.6

ciscoadaptive_security_appliance_softwareMatch9.0.3.8

ciscoadaptive_security_appliance_softwareMatch9.0.4

ciscoadaptive_security_appliance_softwareMatch9.0.4.1

ciscoadaptive_security_appliance_softwareMatch9.0.4.5

ciscoadaptive_security_appliance_softwareMatch9.0.4.7

ciscoadaptive_security_appliance_softwareMatch9.0.4.17

ciscoadaptive_security_appliance_softwareMatch9.0.4.20

ciscoadaptive_security_appliance_softwareMatch9.0.4.24

ciscoadaptive_security_appliance_softwareMatch9.0.4.26

ciscoadaptive_security_appliance_softwareMatch9.0.4.29

ciscoadaptive_security_appliance_softwareMatch9.0.4.33

ciscoadaptive_security_appliance_softwareMatch9.0.4.35

ciscoadaptive_security_appliance_softwareMatch9.0.4.37

ciscoadaptive_security_appliance_softwareMatch9.0.4.40

ciscoadaptive_security_appliance_softwareMatch9.1\(7\)4

ciscoadaptive_security_appliance_softwareMatch9.1\(7\)6

ciscoadaptive_security_appliance_softwareMatch9.1.1

ciscoadaptive_security_appliance_softwareMatch9.1.1.4

ciscoadaptive_security_appliance_softwareMatch9.1.2

ciscoadaptive_security_appliance_softwareMatch9.1.2.8

ciscoadaptive_security_appliance_softwareMatch9.1.3

ciscoadaptive_security_appliance_softwareMatch9.1.3.2

ciscoadaptive_security_appliance_softwareMatch9.1.4

ciscoadaptive_security_appliance_softwareMatch9.1.4.5

ciscoadaptive_security_appliance_softwareMatch9.1.5

ciscoadaptive_security_appliance_softwareMatch9.1.5.10

ciscoadaptive_security_appliance_softwareMatch9.1.5.12

ciscoadaptive_security_appliance_softwareMatch9.1.5.15

ciscoadaptive_security_appliance_softwareMatch9.1.5.21

ciscoadaptive_security_appliance_softwareMatch9.1.6

ciscoadaptive_security_appliance_softwareMatch9.1.6.1

ciscoadaptive_security_appliance_softwareMatch9.1.6.4

ciscoadaptive_security_appliance_softwareMatch9.1.6.6

ciscoadaptive_security_appliance_softwareMatch9.1.6.8

ciscoadaptive_security_appliance_softwareMatch9.1.6.10

ciscoadaptive_security_appliance_softwareMatch9.2\(0.0\)

ciscoadaptive_security_appliance_softwareMatch9.2\(0.104\)

ciscoadaptive_security_appliance_softwareMatch9.2\(3.1\)

ciscoadaptive_security_appliance_softwareMatch9.2.1

ciscoadaptive_security_appliance_softwareMatch9.2.2

ciscoadaptive_security_appliance_softwareMatch9.2.2.4

ciscoadaptive_security_appliance_softwareMatch9.2.2.7

ciscoadaptive_security_appliance_softwareMatch9.2.2.8

ciscoadaptive_security_appliance_softwareMatch9.2.3

ciscoadaptive_security_appliance_softwareMatch9.2.3.3

ciscoadaptive_security_appliance_softwareMatch9.2.3.4

ciscoadaptive_security_appliance_softwareMatch9.2.4

ciscoadaptive_security_appliance_softwareMatch9.2.4.2

ciscoadaptive_security_appliance_softwareMatch9.2.4.4

ciscoadaptive_security_appliance_softwareMatch9.2.4.8

ciscoadaptive_security_appliance_softwareMatch9.2.4.10

ciscoadaptive_security_appliance_softwareMatch9.3\(1.50\)

ciscoadaptive_security_appliance_softwareMatch9.3\(1.105\)

ciscoadaptive_security_appliance_softwareMatch9.3\(2.100\)

ciscoadaptive_security_appliance_softwareMatch9.3\(2.243\)

ciscoadaptive_security_appliance_softwareMatch9.3.1

ciscoadaptive_security_appliance_softwareMatch9.3.1.1

ciscoadaptive_security_appliance_softwareMatch9.3.2

ciscoadaptive_security_appliance_softwareMatch9.3.2.2

ciscoadaptive_security_appliance_softwareMatch9.3.3

ciscoadaptive_security_appliance_softwareMatch9.3.3.1

ciscoadaptive_security_appliance_softwareMatch9.3.3.2

ciscoadaptive_security_appliance_softwareMatch9.3.3.5

ciscoadaptive_security_appliance_softwareMatch9.3.3.6

ciscoadaptive_security_appliance_softwareMatch9.3.3.9

ciscoadaptive_security_appliance_softwareMatch9.3.3.10

ciscoadaptive_security_appliance_softwareMatch9.4.0.115

ciscoadaptive_security_appliance_softwareMatch9.4.1

ciscoadaptive_security_appliance_softwareMatch9.4.1.1

ciscoadaptive_security_appliance_softwareMatch9.4.1.2

ciscoadaptive_security_appliance_softwareMatch9.4.1.3

ciscoadaptive_security_appliance_softwareMatch9.4.1.5

ciscoadaptive_security_appliance_softwareMatch9.4.2

ciscoadaptive_security_appliance_softwareMatch9.4.2.3

ciscoadaptive_security_appliance_softwareMatch9.4.3

ciscoadaptive_security_appliance_softwareMatch9.4.3.3

ciscoadaptive_security_appliance_softwareMatch9.4.3.4

ciscoadaptive_security_appliance_softwareMatch9.5.1

ciscoadaptive_security_appliance_softwareMatch9.5.2

ciscoadaptive_security_appliance_softwareMatch9.5.2.6

ciscoadaptive_security_appliance_softwareMatch9.5.2.10

ciscoadaptive_security_appliance_softwareMatch9.5.2.14

ciscoadaptive_security_appliance_softwareMatch9.6.0

ciscoadaptive_security_appliance_softwareMatch9.6.1

ciscoadaptive_security_appliance_softwareMatch9.6.1.3

VendorProductVersionCPE
ciscoadaptive_security_appliance_software8.0.2.11cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2.11:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.0.2.15cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2.15:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.0.3cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.0.3.6cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3.6:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.0.3.12cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3.12:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.0.3.19cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3.19:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.0.4cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.0.4.3cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4.3:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.0.4.9cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4.9:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.0.4.16cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4.16:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	adaptive_security_appliance_software	8.0.2.11	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2.11:::::::*
cisco	adaptive_security_appliance_software	8.0.2.15	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2.15:::::::*
cisco	adaptive_security_appliance_software	8.0.3	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3:::::::*
cisco	adaptive_security_appliance_software	8.0.3.6	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3.6:::::::*
cisco	adaptive_security_appliance_software	8.0.3.12	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3.12:::::::*
cisco	adaptive_security_appliance_software	8.0.3.19	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3.19:::::::*
cisco	adaptive_security_appliance_software	8.0.4	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4:::::::*
cisco	adaptive_security_appliance_software	8.0.4.3	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4.3:::::::*
cisco	adaptive_security_appliance_software	8.0.4.9	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4.9:::::::*
cisco	adaptive_security_appliance_software	8.0.4.16	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4.16:::::::*

Rows per page:

1-10 of 2061

CNA Affected

[
  {
    "product": "Cisco ASA Software before 9.6(1.5)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco ASA Software before 9.6(1.5)"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-asa-ca

www.securityfocus.com/bid/93786

www.securitytracker.com/id/1037060

Social References

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.003

Percentile

65.6%

JSON

Related for CVE-2016-6431