Details of VAR-201607-0424

ID

VAR-201607-0424

CVE

CVE-2016-1443

TITLE

Cisco AMP Threat Grid Vulnerabilities that bypass the sandbox protection mechanism in the virtual network stack of appliance devices

Trust: 0.8

sources: JVNDB: JVNDB-2016-003510

DESCRIPTION

The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote attackers to bypass a sandbox protection mechanism, and consequently obtain sensitive interprocess information or modify interprocess data, via a crafted malware sample. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. Cisco AMP Threat Grid Appliance is prone to an unauthorized-access vulnerability. Attackers can exploit this issue to gain unauthorized access to the affected application. This may aid in further attacks. Cisco AMP Threat Grid Appliance running software versions prior to 2.1.1 are vulnerable. The solution can help enterprises analyze the behavior and intent of malware, the impact of threats, and defense methods

Trust: 1.98

sources: NVD: CVE-2016-1443 // JVNDB: JVNDB-2016-003510 // BID: 91610 // VULHUB: VHN-90262

AFFECTED PRODUCTS

vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.4.5	Trust: 1.6
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.4.1	Trust: 1.6
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.4.2	Trust: 1.6
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.2.1	Trust: 1.6
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.2	Trust: 1.0
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	2.0.4	Trust: 1.0
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.4.3	Trust: 1.0
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	2.0.1	Trust: 1.0
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	2.0.2	Trust: 1.0
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.1	Trust: 1.0
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.4.4	Trust: 1.0
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.3	Trust: 1.0
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	2.1	Trust: 1.0
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	2.0.3	Trust: 1.0
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	2.0	Trust: 1.0
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.4.6	Trust: 1.0
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.0	Trust: 1.0
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.4	Trust: 1.0
vendor:	cisco	model:	amp threat grid the appliance software	scope:	lt	version:	2.1.1	Trust: 0.8
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.4_base	Trust: 0.6
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.1_base	Trust: 0.6
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.2_base	Trust: 0.6
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.3_base	Trust: 0.6
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	2.1_base	Trust: 0.6
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	1.0_base	Trust: 0.6
vendor:	cisco	model:	amp threat grid appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	amp threat grid appliance	scope:	ne	version:	2.1.1	Trust: 0.3

sources: BID: 91610 // JVNDB: JVNDB-2016-003510 // CNNVD: CNNVD-201607-035 // NVD: CVE-2016-1443

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-1443
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-1443
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201607-035
value:	HIGH
Trust: 0.6
VULHUB:	VHN-90262
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-1443
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-90262
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-1443
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2016-1443
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-90262 // JVNDB: JVNDB-2016-003510 // CNNVD: CNNVD-201607-035 // NVD: CVE-2016-1443

PROBLEMTYPE DATA

problemtype:	CWE-254	Trust: 1.1
problemtype:	CWE-Other	Trust: 0.8

sources: VULHUB: VHN-90262 // JVNDB: JVNDB-2016-003510 // NVD: CVE-2016-1443

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201607-035

TYPE

security feature problem

Trust: 0.6

sources: CNNVD: CNNVD-201607-035

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-003510

PATCH

title:	cisco-sa-20160706-tg	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160706-tg	Trust: 0.8
title:	Cisco AMP Threat Grid Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=62627	Trust: 0.6

sources: JVNDB: JVNDB-2016-003510 // CNNVD: CNNVD-201607-035

EXTERNAL IDS

db:	NVD	id:	CVE-2016-1443	Trust: 2.8
db:	JVNDB	id:	JVNDB-2016-003510	Trust: 0.8
db:	CNNVD	id:	CNNVD-201607-035	Trust: 0.7
db:	BID	id:	91610	Trust: 0.4
db:	VULHUB	id:	VHN-90262	Trust: 0.1

sources: VULHUB: VHN-90262 // BID: 91610 // JVNDB: JVNDB-2016-003510 // CNNVD: CNNVD-201607-035 // NVD: CVE-2016-1443

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160706-tg	Trust: 2.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1443	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1443	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-90262 // BID: 91610 // JVNDB: JVNDB-2016-003510 // CNNVD: CNNVD-201607-035 // NVD: CVE-2016-1443

CREDITS

This vulnerability was found duringinternal security tests.

Trust: 0.6

sources: CNNVD: CNNVD-201607-035

SOURCES

db:	VULHUB	id:	VHN-90262
db:	BID	id:	91610
db:	JVNDB	id:	JVNDB-2016-003510
db:	CNNVD	id:	CNNVD-201607-035
db:	NVD	id:	CVE-2016-1443

LAST UPDATE DATE

2025-04-13T23:17:53.641000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-90262	date:	2019-11-14T00:00:00
db:	BID	id:	91610	date:	2016-07-06T00:00:00
db:	JVNDB	id:	JVNDB-2016-003510	date:	2016-07-12T00:00:00
db:	CNNVD	id:	CNNVD-201607-035	date:	2019-11-15T00:00:00
db:	NVD	id:	CVE-2016-1443	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-90262	date:	2016-07-07T00:00:00
db:	BID	id:	91610	date:	2016-07-06T00:00:00
db:	JVNDB	id:	JVNDB-2016-003510	date:	2016-07-12T00:00:00
db:	CNNVD	id:	CNNVD-201607-035	date:	2016-07-07T00:00:00
db:	NVD	id:	CVE-2016-1443	date:	2016-07-07T14:59:04.313