CVE-2016-6461

{"id": "CVE-2016-6461", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2016-11-19T03:03:04.570", "references": [{"url": "http://www.securityfocus.com/bid/94365", "source": "psirt@cisco.com"}, {"url": "http://www.securitytracker.com/id/1037306", "source": "psirt@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asa", "tags": ["Vendor Advisory"], "source": "psirt@cisco.com"}, {"url": "http://www.securityfocus.com/bid/94365", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1037306", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asa", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the HTTP web-based management interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to inject arbitrary XML commands on the affected system. More Information: CSCva38556. Known Affected Releases: 9.1(6.10). Known Fixed Releases: 100.11(0.75) 100.15(0.137) 100.8(40.129) 96.2(0.95) 97.1(0.55) 97.1(12.7) 97.1(6.30)."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de gesti\u00f3n basada en web HTTP de el Cisco Adaptive Security Appliance (ASA) podr\u00eda permitir a un atacante remoto no autenticado, inyectar comandos XML arbitrarios en el sistema afectado. M\u00e1s informaci\u00f3n: CSCva38556. Lanzamientos conocidos afectados: 9.1(6.10). Lanzamientos conocidos solucionados 100.11(0.75) 100.15(0.137) 100.8(40.129) 96.2(0.95) 97.1(0.55) 97.1(12.7) 97.1(6.30)."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07BC9E2D-0B86-4A82-8CB4-A31FFBF322CE"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6887033-E697-47D0-B6E0-61B64E9D3AC8"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4C1AB6D-F2C5-4726-8792-581E8DCB9EB6"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEA1216C-903C-469D-8615-ECFB3AA29BC9"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0707169B-34B9-4666-8EBD-F5967059D6AC"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1EF48794-2E5D-4BE0-9BB5-49ADE34F4A82"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.0\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3A13A9C-5387-4670-8E20-FE878946D091"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.104\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F7C7DA3-C24B-41BB-BDBE-7DC58EEAC4F8"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(3.1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFC39DA3-8171-4344-A946-7965873C56F3"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9C31567-8AEB-49C6-AA60-4150411D62AA"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA140CB2-C17C-4164-A59A-8585906057BA"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "468D98A7-92D5-4C01-9EDD-CB44B85EA6BB"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BAAC9FE-CCF0-4385-B5E9-FC424CD3EFD5"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C9DEB1C-F9B9-4291-92B5-8EEEADC57E51"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39330218-32FA-42FF-B5CA-288B7D140304"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A92D7CED-D036-414B-B9EB-DCAF7F425A7D"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4AAAB02-140D-46F2-A315-5791BF5A853F"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EB02DBE-6D60-4D0E-8E9D-7611C3C32748"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A2F3C77-89CD-4990-98FA-E896079B6C87"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5D03293-9765-46DB-B53D-1B23D5C14373"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0286DAF0-FACA-4F94-82E9-EAED8750DB7C"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25E77826-1208-4582-A94C-242B601BD456"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD617A59-2A4C-4264-BB5D-0126EF292079"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5B9FC85-13B8-488C-80C4-C29C0E244601"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2E7582A-835E-4A84-B197-EB40EE7985C9"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(1.50\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E044883-9952-477A-B2AA-3E0BB90C96A0"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(1.105\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E26A1B0-D61C-4A25-8E10-02A2E3E7A02B"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(2.100\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F4A28B7-87A2-464A-92A8-644E3F7D13D7"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(2.243\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D83ED80-972A-4548-9AB0-10F9A23DF749"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26D99395-D18D-458E-9880-19B7767F69D0"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E4CE047-3FEF-4A72-AD06-EC77D71EBCD9"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED33F68A-9EB0-416A-A0A5-0DF2C349FFEE"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F7DD812-DC72-4816-8B0F-361C32B2CD2F"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC41D4CD-D5EA-4678-B3AA-962C7C937118"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "996C9552-5743-4639-A077-5B057605DF21"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5779CE0-7691-47DA-902C-4D32D6650C9D"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C69BE69-7C19-4ED3-98D3-04B1D41E56FE"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7D12EFD-71D6-480E-97D5-278CCE4A7118"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56AE55AB-8170-4E3A-AF89-A8F79599901A"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B10653A-0E7C-4014-825D-76B5B438D378"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77642A96-EF7F-4138-97BC-B3793EE0FB52"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFE9F46B-DD74-4295-BB6A-9239E29F4416"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.0.115:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8F53875-D589-4C34-B863-67AC9945BED8"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8870EB6E-DAE9-45F9-BBA5-2D20E5E00F83"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B313B0E-4200-427F-A156-1EDA681F439D"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8C49821-3BA5-4B44-84F5-113024FD030F"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2011F264-53A5-4507-843B-46F66D285ADB"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "290AA0BD-EDB0-4BA4-BF85-9CF29A1B7908"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73FB7BAF-7B3E-4091-A90B-FB19B38FFE74"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D2DA09B-CFBA-4FDE-A6D0-7C2CF202D72B"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BE2EE9B-D44E-430D-8469-1DF0ADC322B5"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC6B45EB-97BB-4683-9092-95E560B2585F"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D3AA854-0F4D-4B08-A249-B3C19C056D7B"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66E55E46-01F5-4C0D-8A69-1BBC590188BD"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D96BCCA3-958D-41C4-98CE-1A333F9667A7"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "245E680B-7A2D-4F98-9D59-6ECF70FE882B"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C78E5C3-4D0D-4DFD-AA91-93DD58B195F0"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F831FD5A-1D54-4DFA-9AED-C3F2CBCE4069"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E29F95F5-6957-46F0-A0A2-CCACBBA14F90"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D9EFD6D-A657-4102-982D-7634AC25E75E"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59593836-990A-4CF1-AFBC-516C4A318641"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5479676D-6B3F-4154-B0D4-D2C81E6C941F"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F062A64B-7184-49C6-BDF5-8A413B0A85F0"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@cisco.com"}