var-201609-0325
Vulnerability from variot
The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN. Cisco IOS and so on are all operating systems developed by Cisco. An information disclosure vulnerability exists in the implementation of server IKEv1 in several Cisco products. A remote attacker can use the vulnerability to send sensitive information from the device's memory by sending a SecurityAssociation negotiation request. This issue is being tracked by Cisco Bug IDs CSCvb29204 and CSCvb36055
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0325",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios xr",
"scope": "eq",
"trust": 1.4,
"vendor": "cisco",
"version": "4.3.x"
},
{
"model": "ios xr",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "4.3.0"
},
{
"model": "ios",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "15.6"
},
{
"model": "ios",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "15.0"
},
{
"model": "ios xr",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "5.3.0"
},
{
"model": "ios",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "12.4"
},
{
"model": "ios",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios xe",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "3.18s"
},
{
"model": "ios xr",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0.0"
},
{
"model": "ios xr",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "4.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2 to 12.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.0 to 15.6"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "16.1"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "16.2"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "16.3"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.12s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.13s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.14s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.15s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.16s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.17s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.18s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.3s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.3sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.3xo"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.4s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.4sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.5e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.5s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.6e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.6s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.7e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.7s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.8e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.8s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.9e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.9s"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "5.0.x to 5.2.x"
},
{
"model": "pix firewall software",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0.x"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.1.x"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.2.x"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.3\\(4\\)t2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.4\\(15\\)xz2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.3\\(7\\)xi1c"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\(33\\)scd7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.3\\(8\\)yd1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.4\\(22\\)xr2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.3\\(14\\)t2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.3\\(7\\)xr4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\(18\\)zu2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.4\\(22\\)yb2"
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.1"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.2"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.1"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.4"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios 15.6t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.6sp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.6sn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.6s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.6m",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.5t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.5sn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.5s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.5m",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.4t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.4sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.4s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.4m",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.4cg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.3sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.3s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.3m",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2sni",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2snh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2sng",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2m",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2gc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2ey",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2ea",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1sni",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1snh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1sng",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1sg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1mra",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1mr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1m",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1gc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0sg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0se",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0m",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0ey",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0ek",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0ej",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0eh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0ed",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4sw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4mdb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4mda",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4md",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4gc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4"
},
{
"model": "ios 12.2zya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sxi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sxh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sre",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2srd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2se",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sci",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2scg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2scf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sce",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2scd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mrb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2iri",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2irh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2irg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "BID",
"id": "93003"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-342"
},
{
"db": "NVD",
"id": "CVE-2016-6415"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:ios_xe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:ios_xr",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:pix_firewall_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Shadow Brokers",
"sources": [
{
"db": "BID",
"id": "93003"
}
],
"trust": 0.3
},
"cve": "CVE-2016-6415",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2016-6415",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-07726",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-95235",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-6415",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-6415",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-6415",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-6415",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-07726",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201609-342",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-95235",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-6415",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "VULHUB",
"id": "VHN-95235"
},
{
"db": "VULMON",
"id": "CVE-2016-6415"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-342"
},
{
"db": "NVD",
"id": "CVE-2016-6415"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN. Cisco IOS and so on are all operating systems developed by Cisco. An information disclosure vulnerability exists in the implementation of server IKEv1 in several Cisco products. A remote attacker can use the vulnerability to send sensitive information from the device\u0027s memory by sending a SecurityAssociation negotiation request. \nThis issue is being tracked by Cisco Bug IDs CSCvb29204 and CSCvb36055",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6415"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "BID",
"id": "93003"
},
{
"db": "VULHUB",
"id": "VHN-95235"
},
{
"db": "VULMON",
"id": "CVE-2016-6415"
}
],
"trust": 2.61
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-95235",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=43383",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95235"
},
{
"db": "VULMON",
"id": "CVE-2016-6415"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-6415",
"trust": 3.5
},
{
"db": "BID",
"id": "93003",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1036841",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201609-342",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-07726",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.4
},
{
"db": "EXPLOIT-DB",
"id": "43383",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-92480",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-95235",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-6415",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "VULHUB",
"id": "VHN-95235"
},
{
"db": "VULMON",
"id": "CVE-2016-6415"
},
{
"db": "BID",
"id": "93003"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-342"
},
{
"db": "NVD",
"id": "CVE-2016-6415"
}
]
},
"id": "VAR-201609-0325",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "VULHUB",
"id": "VHN-95235"
}
],
"trust": 1.3952116
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
}
]
},
"last_update_date": "2024-11-23T20:16:54.202000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160916-ikev1",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1"
},
{
"title": "Patches for multiple Cisco product information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/81503"
},
{
"title": "CVE-2016-6415-BenignCertain-Monitor",
"trust": 0.1,
"url": "https://github.com/3ndG4me/CVE-2016-6415-BenignCertain-Monitor "
},
{
"title": "benigncertain",
"trust": 0.1,
"url": "https://github.com/dinosn/benigncertain "
},
{
"title": "MS17-010",
"trust": 0.1,
"url": "https://github.com/oneplus-x/MS17-010 "
},
{
"title": "Exp101tsArchiv30thers",
"trust": 0.1,
"url": "https://github.com/nu11secur1ty/Exp101tsArchiv30thers "
},
{
"title": "awesome-cve-poc_qazbnm456",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-warns-of-ios-flaw-vulnerable-to-shadowbrokers-attack/120668/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "VULMON",
"id": "CVE-2016-6415"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95235"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"db": "NVD",
"id": "CVE-2016-6415"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160916-ikev1"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/93003"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036841"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6415"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6415"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://github.com/3ndg4me/cve-2016-6415-benigncertain-monitor"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/43383/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "VULHUB",
"id": "VHN-95235"
},
{
"db": "VULMON",
"id": "CVE-2016-6415"
},
{
"db": "BID",
"id": "93003"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-342"
},
{
"db": "NVD",
"id": "CVE-2016-6415"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "VULHUB",
"id": "VHN-95235"
},
{
"db": "VULMON",
"id": "CVE-2016-6415"
},
{
"db": "BID",
"id": "93003"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-342"
},
{
"db": "NVD",
"id": "CVE-2016-6415"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"date": "2016-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-95235"
},
{
"date": "2016-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6415"
},
{
"date": "2016-09-16T00:00:00",
"db": "BID",
"id": "93003"
},
{
"date": "2016-09-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"date": "2016-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-342"
},
{
"date": "2016-09-19T01:59:06.167000",
"db": "NVD",
"id": "CVE-2016-6415"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"date": "2020-06-03T00:00:00",
"db": "VULHUB",
"id": "VHN-95235"
},
{
"date": "2020-06-03T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6415"
},
{
"date": "2017-05-23T16:23:00",
"db": "BID",
"id": "93003"
},
{
"date": "2016-09-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"date": "2020-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-342"
},
{
"date": "2024-11-21T02:56:05.187000",
"db": "NVD",
"id": "CVE-2016-6415"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-342"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Product server IKEv1 Vulnerability in the implementation of critical information obtained from device memory",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-342"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.