Lucene search

[email protected]CVE-2016-1443

HistoryJul 07, 2016 - 2:59 p.m.

CVE-2016-1443

2016-07-0714:59:04

CWE-254

[email protected]

web.nvd.nist.gov

cisco

amp threat grid

appliance

cve-2016-1443

sandbox protection

malware

remote attackers

interprocess

data modification

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.6%

JSON

The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote attackers to bypass a sandbox protection mechanism, and consequently obtain sensitive interprocess information or modify interprocess data, via a crafted malware sample.

Affected configurations

NVD

Node

ciscoamp_threat_grid_applianceMatch1.0

ciscoamp_threat_grid_applianceMatch1.1

ciscoamp_threat_grid_applianceMatch1.2

ciscoamp_threat_grid_applianceMatch1.2.1

ciscoamp_threat_grid_applianceMatch1.3

ciscoamp_threat_grid_applianceMatch1.4

ciscoamp_threat_grid_applianceMatch1.4.1

ciscoamp_threat_grid_applianceMatch1.4.2

ciscoamp_threat_grid_applianceMatch1.4.3

ciscoamp_threat_grid_applianceMatch1.4.4

ciscoamp_threat_grid_applianceMatch1.4.5

ciscoamp_threat_grid_applianceMatch1.4.6

ciscoamp_threat_grid_applianceMatch2.0

ciscoamp_threat_grid_applianceMatch2.0.1

ciscoamp_threat_grid_applianceMatch2.0.2

ciscoamp_threat_grid_applianceMatch2.0.3

ciscoamp_threat_grid_applianceMatch2.0.4

ciscoamp_threat_grid_applianceMatch2.1

CPENameOperatorVersion
cisco:amp_threat_grid_appliancecisco amp threat grid applianceeq1.0
cisco:amp_threat_grid_appliancecisco amp threat grid applianceeq1.1
cisco:amp_threat_grid_appliancecisco amp threat grid applianceeq1.2
cisco:amp_threat_grid_appliancecisco amp threat grid applianceeq1.2.1
cisco:amp_threat_grid_appliancecisco amp threat grid applianceeq1.3
cisco:amp_threat_grid_appliancecisco amp threat grid applianceeq1.4
cisco:amp_threat_grid_appliancecisco amp threat grid applianceeq1.4.1
cisco:amp_threat_grid_appliancecisco amp threat grid applianceeq1.4.2
cisco:amp_threat_grid_appliancecisco amp threat grid applianceeq1.4.3
cisco:amp_threat_grid_appliancecisco amp threat grid applianceeq1.4.4

CPE	Name	Operator	Version
cisco:amp_threat_grid_appliance	cisco amp threat grid appliance	eq	1.0
cisco:amp_threat_grid_appliance	cisco amp threat grid appliance	eq	1.1
cisco:amp_threat_grid_appliance	cisco amp threat grid appliance	eq	1.2
cisco:amp_threat_grid_appliance	cisco amp threat grid appliance	eq	1.2.1
cisco:amp_threat_grid_appliance	cisco amp threat grid appliance	eq	1.3
cisco:amp_threat_grid_appliance	cisco amp threat grid appliance	eq	1.4
cisco:amp_threat_grid_appliance	cisco amp threat grid appliance	eq	1.4.1
cisco:amp_threat_grid_appliance	cisco amp threat grid appliance	eq	1.4.2
cisco:amp_threat_grid_appliance	cisco amp threat grid appliance	eq	1.4.3
cisco:amp_threat_grid_appliance	cisco amp threat grid appliance	eq	1.4.4

Rows per page:

1-10 of 181

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160706-tg

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.6%

JSON

Related for CVE-2016-1443

cisco1 prion1 nvd1 cvelist1