Details of VAR-201612-0371

ID

VAR-201612-0371

CVE

CVE-2016-9209

TITLE

Cisco FirePOWER System software TCP Vulnerabilities in files that are normally blocked in the process of downloading

Trust: 0.8

sources: JVNDB: JVNDB-2016-006317

DESCRIPTION

A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated, remote attacker to download files that would normally be blocked. Affected Products: The following Cisco products are vulnerable: Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services, Advanced Malware Protection (AMP) for Networks - 7000 Series Appliances, Advanced Malware Protection (AMP) for Networks - 8000 Series Appliances, FirePOWER 7000 Series Appliances, FirePOWER 8000 Series Appliances, FirePOWER Threat Defense for Integrated Services Routers (ISRs), Next Generation Intrusion Prevention System (NGIPS) for Blue Coat X-Series, Sourcefire 3D System Appliances, Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware. More Information: CSCvb20102. Known Affected Releases: 2.9.7.10. Multiple Cisco Products are prone to a security-bypass vulnerability. Successful exploits may allow an attacker to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. This issue is tracked by Cisco Bug ID CSCvb20102. Cisco Firepower System Software is a next-generation firewall product (NGFW) of Cisco (Cisco). TCP is one of the network transport protocols. Remote attackers can use specially crafted HTTP to exploit this vulnerability to trick users into downloading malicious files, bypassing the malicious file protection mechanism

Trust: 1.98

sources: NVD: CVE-2016-9209 // JVNDB: JVNDB-2016-006317 // BID: 94817 // VULHUB: VHN-98029

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower services for adaptive security appliance	scope:	eq	version:	5.4.1.7	Trust: 1.6
vendor:	cisco	model:	firepower services for adaptive security appliance	scope:	eq	version:	5.4.1.4	Trust: 1.6
vendor:	cisco	model:	firepower services for adaptive security appliance	scope:	eq	version:	5.4.1	Trust: 1.6
vendor:	cisco	model:	firepower services for adaptive security appliance	scope:	eq	version:	5.4.0	Trust: 1.6
vendor:	cisco	model:	firepower services for adaptive security appliance	scope:	eq	version:	5.4.1.6	Trust: 1.6
vendor:	cisco	model:	firepower services for adaptive security appliance	scope:	eq	version:	5.4.1.3	Trust: 1.6
vendor:	cisco	model:	firepower services for adaptive security appliance	scope:	eq	version:	6.1.0	Trust: 1.6
vendor:	cisco	model:	firepower services for adaptive security appliance	scope:	eq	version:	5.4.1.5	Trust: 1.6
vendor:	cisco	model:	firepower services for adaptive security appliance	scope:	eq	version:	6.0.0	Trust: 1.6
vendor:	cisco	model:	firepower services for adaptive security appliance	scope:	eq	version:	5.3.0	Trust: 1.6
vendor:	cisco	model:	firepower services for adaptive security appliance	scope:	eq	version:	6.0.1	Trust: 1.0
vendor:	cisco	model:	firepower services for adaptive security appliance	scope:	eq	version:	5.4.1.2	Trust: 1.0
vendor:	cisco	model:	firepower services for adaptive security appliance	scope:	eq	version:	5.4.1.1	Trust: 1.0
vendor:	cisco	model:	firepower services for asa	scope:	eq	version:	5.3.0	Trust: 0.8
vendor:	cisco	model:	firepower services for asa	scope:	eq	version:	5.4.0	Trust: 0.8
vendor:	cisco	model:	firepower services for asa	scope:	eq	version:	5.4.1	Trust: 0.8
vendor:	cisco	model:	firepower services for asa	scope:	eq	version:	5.4.1.1	Trust: 0.8
vendor:	cisco	model:	firepower services for asa	scope:	eq	version:	5.4.1.2	Trust: 0.8
vendor:	cisco	model:	firepower services for asa	scope:	eq	version:	5.4.1.3	Trust: 0.8
vendor:	cisco	model:	firepower services for asa	scope:	eq	version:	5.4.1.4	Trust: 0.8
vendor:	cisco	model:	firepower services for asa	scope:	eq	version:	5.4.1.5	Trust: 0.8
vendor:	cisco	model:	firepower services for asa	scope:	eq	version:	5.4.1.6	Trust: 0.8
vendor:	cisco	model:	firepower services for asa	scope:	eq	version:	5.4.1.7	Trust: 0.8
vendor:	cisco	model:	firepower services for asa	scope:	eq	version:	6.0.0	Trust: 0.8
vendor:	cisco	model:	firepower services for asa	scope:	eq	version:	6.0.1	Trust: 0.8
vendor:	cisco	model:	firepower services for asa	scope:	eq	version:	6.1.0	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	5.3.0	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	5.4.0	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	5.4.1	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	5.4.1.1	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	5.4.1.2	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	5.4.1.3	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	5.4.1.4	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	5.4.1.5	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	5.4.1.6	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	5.4.1.7	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.0.0	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.0.1	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.1.0	Trust: 0.8
vendor:	cisco	model:	virtual next-generation intrusion prevention system	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	sourcefire 3d system appliances	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	next generation intrusion prevention system	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	firepower threat defense for integrated services routers	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	firepower system software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	firepower series appliances	scope:	eq	version:	80000	Trust: 0.3
vendor:	cisco	model:	firepower series appliances	scope:	eq	version:	70000	Trust: 0.3
vendor:	cisco	model:	advanced malware protection series appliances	scope:	eq	version:	80000	Trust: 0.3
vendor:	cisco	model:	advanced malware protection series appliances	scope:	eq	version:	70000	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance series	scope:	eq	version:	5500-x0	Trust: 0.3

sources: BID: 94817 // JVNDB: JVNDB-2016-006317 // CNNVD: CNNVD-201612-219 // NVD: CVE-2016-9209

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-9209
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-9209
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201612-219
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-98029
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-9209
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-98029
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-9209
baseSeverity:	MEDIUM
baseScore:	4.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	1.4
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-98029 // JVNDB: JVNDB-2016-006317 // CNNVD: CNNVD-201612-219 // NVD: CVE-2016-9209

PROBLEMTYPE DATA

problemtype:

CWE-254

Trust: 1.9

sources: VULHUB: VHN-98029 // JVNDB: JVNDB-2016-006317 // NVD: CVE-2016-9209

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201612-219

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201612-219

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-006317

PATCH

title:	cisco-sa-20161207-fpwr	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-fpwr	Trust: 0.8
title:	Cisco Firepower System Software Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66257	Trust: 0.6

sources: JVNDB: JVNDB-2016-006317 // CNNVD: CNNVD-201612-219

EXTERNAL IDS

db:	NVD	id:	CVE-2016-9209	Trust: 2.8
db:	BID	id:	94817	Trust: 1.4
db:	JVNDB	id:	JVNDB-2016-006317	Trust: 0.8
db:	CNNVD	id:	CNNVD-201612-219	Trust: 0.7
db:	VULHUB	id:	VHN-98029	Trust: 0.1

sources: VULHUB: VHN-98029 // BID: 94817 // JVNDB: JVNDB-2016-006317 // CNNVD: CNNVD-201612-219 // NVD: CVE-2016-9209

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161207-fpwr	Trust: 2.0
url:	http://www.securityfocus.com/bid/94817	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9209	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9209	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-98029 // BID: 94817 // JVNDB: JVNDB-2016-006317 // CNNVD: CNNVD-201612-219 // NVD: CVE-2016-9209

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 94817

SOURCES

db:	VULHUB	id:	VHN-98029
db:	BID	id:	94817
db:	JVNDB	id:	JVNDB-2016-006317
db:	CNNVD	id:	CNNVD-201612-219
db:	NVD	id:	CVE-2016-9209

LAST UPDATE DATE

2025-04-13T23:33:55.839000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-98029	date:	2016-12-15T00:00:00
db:	BID	id:	94817	date:	2016-12-20T01:08:00
db:	JVNDB	id:	JVNDB-2016-006317	date:	2016-12-21T00:00:00
db:	CNNVD	id:	CNNVD-201612-219	date:	2016-12-12T00:00:00
db:	NVD	id:	CVE-2016-9209	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-98029	date:	2016-12-14T00:00:00
db:	BID	id:	94817	date:	2016-12-07T00:00:00
db:	JVNDB	id:	JVNDB-2016-006317	date:	2016-12-21T00:00:00
db:	CNNVD	id:	CNNVD-201612-219	date:	2016-12-09T00:00:00
db:	NVD	id:	CVE-2016-9209	date:	2016-12-14T00:59:30.803