Details of VAR-201704-0489

ID

VAR-201704-0489

CVE

CVE-2016-9197

TITLE

Cisco Mobility Express 2800 and 3800 series Wireless LAN Controller Vulnerabilities related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2016-008290

DESCRIPTION

A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. More Information: CSCvb70351. Known Affected Releases: 8.3(102.0). Vendors have confirmed this vulnerability Bug ID CSCvb70351 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. The Cisco Mobility Express 2800 and 3800 AccessPoints are wireless products based on the Mobility Express solution from Cisco. This issue is being tracked by Cisco Bug ID CSCvb70351. CLI command parser is one of the CLI (command line interface) command parsers

Trust: 2.52

sources: NVD: CVE-2016-9197 // JVNDB: JVNDB-2016-008290 // CNVD: CNVD-2017-04566 // BID: 97469 // VULHUB: VHN-98017

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-04566

AFFECTED PRODUCTS

vendor:	cisco	model:	mobility services engine	scope:	eq	version:	8.3.102.0	Trust: 1.6
vendor:	cisco	model:	mobility express	scope:	eq	version:	38008.3(102.0)	Trust: 0.9
vendor:	cisco	model:	mobility express	scope:	eq	version:	28008.3(102.0)	Trust: 0.9
vendor:	cisco	model:	mobility services engine	scope:	eq	version:	8.3(102.0)	Trust: 0.8

sources: CNVD: CNVD-2017-04566 // BID: 97469 // JVNDB: JVNDB-2016-008290 // NVD: CVE-2016-9197 // CNNVD: CNNVD-201704-441

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2016-9197
value:	MEDIUM
Trust: 1.8
CNVD:	CNVD-2017-04566
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201704-441
value:	HIGH
Trust: 0.6
VULHUB:	VHN-98017
value:	HIGH
Trust: 0.1

NVD:
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	FALSE
obtainAllPrivilege:	TRUE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2016-9197
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2017-04566
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-98017
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

NVD:
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	CVE-2016-9197
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2017-04566 // VULHUB: VHN-98017 // JVNDB: JVNDB-2016-008290 // NVD: CVE-2016-9197 // CNNVD: CNNVD-201704-441

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-98017 // JVNDB: JVNDB-2016-008290 // NVD: CVE-2016-9197

THREAT TYPE

local

Trust: 0.9

sources: BID: 97469 // CNNVD: CNNVD-201704-441

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201704-441

CONFIGURATIONS

sources: NVD: CVE-2016-9197

PATCH

title:	cisco-sa-20170405-cme	url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170405-cme	Trust: 0.8
title:	CiscoMobilityExpress 2800 and 3800 Series Local Security Bypass Vulnerability Patch	url:	https://www.cnvd.org.cn/patchinfo/show/91872	Trust: 0.6
title:	Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers CLI Fixes for Command Parser Permissions and Access Control Vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=73817	Trust: 0.6

sources: CNVD: CNVD-2017-04566 // JVNDB: JVNDB-2016-008290 // CNNVD: CNNVD-201704-441

EXTERNAL IDS

db:	NVD	id:	CVE-2016-9197	Trust: 3.4
db:	BID	id:	97469	Trust: 2.0
db:	JVNDB	id:	JVNDB-2016-008290	Trust: 0.8
db:	CNNVD	id:	CNNVD-201704-441	Trust: 0.7
db:	CNVD	id:	CNVD-2017-04566	Trust: 0.6
db:	NSFOCUS	id:	36319	Trust: 0.6
db:	VULHUB	id:	VHN-98017	Trust: 0.1

sources: CNVD: CNVD-2017-04566 // VULHUB: VHN-98017 // BID: 97469 // JVNDB: JVNDB-2016-008290 // NVD: CVE-2016-9197 // CNNVD: CNNVD-201704-441

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170405-cme	Trust: 2.0
url:	http://www.securityfocus.com/bid/97469	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9197	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-9197	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/36319	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2017-04566 // VULHUB: VHN-98017 // BID: 97469 // JVNDB: JVNDB-2016-008290 // NVD: CVE-2016-9197 // CNNVD: CNNVD-201704-441

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 97469

SOURCES

db:	CNVD	id:	CNVD-2017-04566
db:	VULHUB	id:	VHN-98017
db:	BID	id:	97469
db:	JVNDB	id:	JVNDB-2016-008290
db:	NVD	id:	CVE-2016-9197
db:	CNNVD	id:	CNNVD-201704-441

LAST UPDATE DATE

2023-12-18T13:44:08.716000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-04566	date:	2017-04-17T00:00:00
db:	VULHUB	id:	VHN-98017	date:	2017-04-13T00:00:00
db:	BID	id:	97469	date:	2017-04-11T00:03:00
db:	JVNDB	id:	JVNDB-2016-008290	date:	2017-05-12T00:00:00
db:	NVD	id:	CVE-2016-9197	date:	2017-04-13T15:04:55.683
db:	CNNVD	id:	CNNVD-201704-441	date:	2017-08-31T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-04566	date:	2017-04-17T00:00:00
db:	VULHUB	id:	VHN-98017	date:	2017-04-07T00:00:00
db:	BID	id:	97469	date:	2017-04-05T00:00:00
db:	JVNDB	id:	JVNDB-2016-008290	date:	2017-05-12T00:00:00
db:	NVD	id:	CVE-2016-9197	date:	2017-04-07T17:59:00.263
db:	CNNVD	id:	CNNVD-201704-441	date:	2017-04-07T00:00:00