Details of VAR-201704-0488

ID

VAR-201704-0488

CVE

CVE-2016-9196

TITLE

plural Cisco Aironet Vulnerabilities related to authorization, authority, and access control in the platform

Trust: 0.8

sources: JVNDB: JVNDB-2016-008289

DESCRIPTION

A vulnerability in login authentication management in Cisco Aironet 1800, 2800, and 3800 Series Access Point platforms could allow an authenticated, local attacker to gain unrestricted root access to the underlying Linux operating system. The root Linux shell is provided for advanced troubleshooting and should not be available to individual users, even those with root privileges. The attacker must have the root password to exploit this vulnerability. More Information: CSCvb13893. Known Affected Releases: 8.2(121.0) 8.3(102.0). Known Fixed Releases: 8.4(1.53) 8.4(1.52) 8.3(111.0) 8.3(104.23) 8.2(130.0) 8.2(124.1). Cisco Aironet 1800 , 2800 ,and 3800 Series platform contains vulnerabilities related to authorization, permissions, and access control. Vendors have confirmed this vulnerability Bug ID CSCvb13893 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. Cisco Aironet AccessPoints is a set of wireless access point devices from Cisco. A local privilege elevation vulnerability exists in the Cisco Aironet AccessPoints platform. This issue is being tracked by Cisco Bug ID CSCvb13893. The vulnerability is caused by the program not properly managing user credentials

Trust: 2.52

sources: NVD: CVE-2016-9196 // JVNDB: JVNDB-2016-008289 // CNVD: CNVD-2017-05164 // BID: 97468 // VULHUB: VHN-98016

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-05164

AFFECTED PRODUCTS

vendor:	cisco	model:	aironet access point	scope:	eq	version:	8.2_base	Trust: 1.6
vendor:	cisco	model:	aironet access point	scope:	eq	version:	8.1\(112.3\)	Trust: 1.6
vendor:	cisco	model:	aironet access point	scope:	eq	version:	8.2\(100.0\)	Trust: 1.6
vendor:	cisco	model:	aironet access point	scope:	eq	version:	8.2\(102.43\)	Trust: 1.6
vendor:	cisco	model:	aironet access point	scope:	eq	version:	8.1\(131.0\)	Trust: 1.6
vendor:	cisco	model:	aironet access point	scope:	eq	version:	8.1\(15.14\)	Trust: 1.6
vendor:	cisco	model:	aironet access point	scope:	eq	version:	8.1\(112.4\)	Trust: 1.6
vendor:	cisco	model:	aironet access point software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	1800	Trust: 0.6
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	2800	Trust: 0.6
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	38000	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	28000	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	18000	Trust: 0.3

sources: CNVD: CNVD-2017-05164 // BID: 97468 // JVNDB: JVNDB-2016-008289 // NVD: CVE-2016-9196 // CNNVD: CNNVD-201704-442

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2016-9196
value:	MEDIUM
Trust: 1.8
CNVD:	CNVD-2017-05164
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201704-442
value:	HIGH
Trust: 0.6
VULHUB:	VHN-98016
value:	HIGH
Trust: 0.1

NVD:
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	FALSE
obtainAllPrivilege:	TRUE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2016-9196
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2017-05164
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-98016
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

NVD:
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	CVE-2016-9196
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2017-05164 // VULHUB: VHN-98016 // JVNDB: JVNDB-2016-008289 // NVD: CVE-2016-9196 // CNNVD: CNNVD-201704-442

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-98016 // JVNDB: JVNDB-2016-008289 // NVD: CVE-2016-9196

THREAT TYPE

local

Trust: 0.9

sources: BID: 97468 // CNNVD: CNNVD-201704-442

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201704-442

CONFIGURATIONS

sources: NVD: CVE-2016-9196

PATCH

title:	cisco-sa-20170405-aironet	url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170405-aironet	Trust: 0.8
title:	Patch for CiscoAironetAccessPoints Local Privilege Escalation Vulnerability	url:	https://www.cnvd.org.cn/patchinfo/show/92338	Trust: 0.6
title:	Cisco Aironet 1800 , 2800 and 3800 Series Access Point platforms Fixes for permission permissions and access control vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75147	Trust: 0.6

sources: CNVD: CNVD-2017-05164 // JVNDB: JVNDB-2016-008289 // CNNVD: CNNVD-201704-442

EXTERNAL IDS

db:	NVD	id:	CVE-2016-9196	Trust: 3.4
db:	BID	id:	97468	Trust: 2.0
db:	SECTRACK	id:	1038187	Trust: 1.7
db:	JVNDB	id:	JVNDB-2016-008289	Trust: 0.8
db:	CNNVD	id:	CNNVD-201704-442	Trust: 0.7
db:	CNVD	id:	CNVD-2017-05164	Trust: 0.6
db:	NSFOCUS	id:	36323	Trust: 0.6
db:	VULHUB	id:	VHN-98016	Trust: 0.1

sources: CNVD: CNVD-2017-05164 // VULHUB: VHN-98016 // BID: 97468 // JVNDB: JVNDB-2016-008289 // NVD: CVE-2016-9196 // CNNVD: CNNVD-201704-442

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170405-aironet	Trust: 2.0
url:	http://www.securityfocus.com/bid/97468	Trust: 1.1
url:	http://www.securitytracker.com/id/1038187	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9196	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-9196	Trust: 0.8
url:	http://securitytracker.com/id/1038187	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/36323	Trust: 0.6
url:	http://www.cisco.com	Trust: 0.3

sources: CNVD: CNVD-2017-05164 // VULHUB: VHN-98016 // BID: 97468 // JVNDB: JVNDB-2016-008289 // NVD: CVE-2016-9196 // CNNVD: CNNVD-201704-442

CREDITS

Reuben Farrelly

Trust: 0.3

sources: BID: 97468

SOURCES

db:	CNVD	id:	CNVD-2017-05164
db:	VULHUB	id:	VHN-98016
db:	BID	id:	97468
db:	JVNDB	id:	JVNDB-2016-008289
db:	NVD	id:	CVE-2016-9196
db:	CNNVD	id:	CNNVD-201704-442

LAST UPDATE DATE

2023-12-18T12:37:29.337000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-05164	date:	2017-04-24T00:00:00
db:	VULHUB	id:	VHN-98016	date:	2017-07-12T00:00:00
db:	BID	id:	97468	date:	2017-04-11T00:03:00
db:	JVNDB	id:	JVNDB-2016-008289	date:	2017-05-12T00:00:00
db:	NVD	id:	CVE-2016-9196	date:	2017-07-12T01:29:03.207
db:	CNNVD	id:	CNNVD-201704-442	date:	2017-10-09T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-05164	date:	2017-04-21T00:00:00
db:	VULHUB	id:	VHN-98016	date:	2017-04-07T00:00:00
db:	BID	id:	97468	date:	2017-04-05T00:00:00
db:	JVNDB	id:	JVNDB-2016-008289	date:	2017-05-12T00:00:00
db:	NVD	id:	CVE-2016-9196	date:	2017-04-07T17:59:00.230
db:	CNNVD	id:	CNNVD-201704-442	date:	2017-04-07T00:00:00