Details of VAR-201607-0006

ID

VAR-201607-0006

CVE

CVE-2016-1289

TITLE

Cisco Prime Infrastructure and Evolved Programmable Network Manager of API Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2016-003413

DESCRIPTION

The API in Cisco Prime Infrastructure 1.2 through 3.0 and Evolved Programmable Network Manager (EPNM) 1.2 allows remote attackers to execute arbitrary code or obtain sensitive management information via a crafted HTTP request, as demonstrated by discovering managed-device credentials, aka Bug ID CSCuy10231. Multiple Cisco Products are prone to an authentication-bypass vulnerability. Attackers can exploit this issue to upload malicious code on the server or disclose sensitive information. This issue is being tracked by Cisco Bug ID's CSCuv56851 CSCuy10231 CSCuz01475 and CSCuz01505. PI is a set of wireless management solutions through Cisco Prime LAN Management Solution (LMS) and Cisco Prime Network Control System (NCS) technologies; EPNM is a set of network management solutions. A security vulnerability exists in the APIs of Cisco PI and EPNM

Trust: 1.98

sources: NVD: CVE-2016-1289 // JVNDB: JVNDB-2016-003413 // BID: 91504 // VULHUB: VHN-90108

AFFECTED PRODUCTS

vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.2.1	Trust: 1.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	2.1.0	Trust: 1.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.3.0.20	Trust: 1.6
vendor:	cisco	model:	evolved programmable network manager	scope:	eq	version:	1.2.0	Trust: 1.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.4.0.45	Trust: 1.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.4.1	Trust: 1.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	2.0	Trust: 1.0
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.3	Trust: 1.0
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	2.2\(2\)	Trust: 1.0
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.4.2	Trust: 1.0
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.2	Trust: 1.0
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	2.2	Trust: 1.0
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.4	Trust: 1.0
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.2.0.103	Trust: 1.0
vendor:	cisco	model:	evolved programmable network manager	scope:	eq	version:	1.2	Trust: 0.8
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.2 to 3.0	Trust: 0.8
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.4.0	Trust: 0.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.3.0	Trust: 0.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.2.0	Trust: 0.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	2.0.0	Trust: 0.6

sources: JVNDB: JVNDB-2016-003413 // NVD: CVE-2016-1289 // CNNVD: CNNVD-201606-654

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2016-1289
value:	CRITICAL
Trust: 1.8
CNNVD:	CNNVD-201606-654
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-90108
value:	HIGH
Trust: 0.1

NVD:
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2016-1289
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-90108
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

NVD:
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	CVE-2016-1289
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-90108 // JVNDB: JVNDB-2016-003413 // NVD: CVE-2016-1289 // CNNVD: CNNVD-201606-654

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-90108 // JVNDB: JVNDB-2016-003413 // NVD: CVE-2016-1289

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201606-654

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201606-654

CONFIGURATIONS

sources: NVD: CVE-2016-1289

PATCH

title:	cisco-sa-20160629-piauthbypass	url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160629-piauthbypass	Trust: 0.8
title:	Cisco Prime Infrastructure and Evolved Programmable Network Manager API Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62563	Trust: 0.6

sources: JVNDB: JVNDB-2016-003413 // CNNVD: CNNVD-201606-654

EXTERNAL IDS

db:	NVD	id:	CVE-2016-1289	Trust: 2.8
db:	BID	id:	91504	Trust: 2.0
db:	SECTRACK	id:	1036195	Trust: 1.7
db:	JVNDB	id:	JVNDB-2016-003413	Trust: 0.8
db:	CNNVD	id:	CNNVD-201606-654	Trust: 0.7
db:	VULHUB	id:	VHN-90108	Trust: 0.1

sources: VULHUB: VHN-90108 // BID: 91504 // JVNDB: JVNDB-2016-003413 // NVD: CVE-2016-1289 // CNNVD: CNNVD-201606-654

REFERENCES

url:	http://www.securityfocus.com/bid/91504	Trust: 1.7
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160629-piauthbypass	Trust: 1.7
url:	http://www.securitytracker.com/id/1036195	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1289	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1289	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-90108 // BID: 91504 // JVNDB: JVNDB-2016-003413 // NVD: CVE-2016-1289 // CNNVD: CNNVD-201606-654

CREDITS

This vulnerability was found and reported to Cisco by Daniel Jensen from Security-Assessment.com.

Trust: 0.6

sources: CNNVD: CNNVD-201606-654

SOURCES

db:	VULHUB	id:	VHN-90108
db:	BID	id:	91504
db:	JVNDB	id:	JVNDB-2016-003413
db:	NVD	id:	CVE-2016-1289
db:	CNNVD	id:	CNNVD-201606-654

LAST UPDATE DATE

2023-12-18T12:51:31.560000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-90108	date:	2019-07-29T00:00:00
db:	BID	id:	91504	date:	2016-07-06T15:10:00
db:	JVNDB	id:	JVNDB-2016-003413	date:	2016-07-06T00:00:00
db:	NVD	id:	CVE-2016-1289	date:	2019-07-29T17:47:15.557
db:	CNNVD	id:	CNNVD-201606-654	date:	2019-07-30T00:00:00

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-90108	date:	2016-07-02T00:00:00
db:	BID	id:	91504	date:	2016-06-29T00:00:00
db:	JVNDB	id:	JVNDB-2016-003413	date:	2016-07-06T00:00:00
db:	NVD	id:	CVE-2016-1289	date:	2016-07-02T14:59:06.100
db:	CNNVD	id:	CNNVD-201606-654	date:	2016-06-30T00:00:00