CVE-2016-1291 - OpenCVE

Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Prime Infrastructure Evolved Programmable Network Manager
Sun	Opensolaris

Configuration 1 [-]

OR	cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.0:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:1.2:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:1.2.0.103:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:1.2.1:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:1.3:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:1.3.0.20:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:1.4:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:1.4.0.45:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:1.4.1:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:1.4.2:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.0:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.1.0:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.2:::::::*
	cpe:2.3:o:sun:opensolaris:snv_124::sparc:::::

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode	Vendor Advisory
http://www.securitytracker.com/id/1035497
https://blogs.securiteam.com/index.php/archives/2727	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2016-04-06T23:00:00

Updated: 2016-11-30T18:57:01

Reserved: 2016-01-04T00:00:00

Link: CVE-2016-1291

JSON object: View

NVD Information

Status : Modified

Published: 2016-04-06T23:59:11.847

Modified: 2019-07-29T17:47:15.557

Link: CVE-2016-1291

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-04-06T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-30T18:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1035497", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1035497"}, {"tags": ["x_refsource_MISC"], "url": "https://blogs.securiteam.com/index.php/archives/2727"}, {"name": "20160406 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2016-1291", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1035497", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035497"}, {"name": "https://blogs.securiteam.com/index.php/archives/2727", "refsource": "MISC", "url": "https://blogs.securiteam.com/index.php/archives/2727"}, {"name": "20160406 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode"}]}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2016-1291", "datePublished": "2016-04-06T23:00:00", "dateReserved": "2016-01-04T00:00:00", "dateUpdated": "2016-11-30T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C057764-0A1B-41A9-A21B-F665480145AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "BA72A91C-0E65-420A-9DBE-3E0853EDB7C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.2.0.103:*:*:*:*:*:*:*", "matchCriteriaId": "B257E2F8-30EB-4BCC-8ACF-35DF73107AAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "8B48C1E6-7C18-4C6B-B402-9C0E1A931C2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "B64A7FCA-1DEA-45B2-9C69-CCDCC848D9B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.3.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "E78D776C-AA8C-471D-A0C0-02428FA07A29", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "9D3206E7-DC91-4861-AD32-46DA82509D5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.4.0.45:*:*:*:*:*:*:*", "matchCriteriaId": "1704AC8E-BD7E-4882-8BB3-45B9E2AE0F10", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "9ACB00E7-41E3-4221-8400-A279A75FD355", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "853315C7-01A7-4E83-9CBB-D45F6B5C4664", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "EB157A80-3A03-4B8D-9B20-C456A953CF7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "7678B118-E00C-4B1E-8B40-D3233DE3615C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "56394A07-6D74-4588-8C05-DE04959F7FC7", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_124:*:sparc:*:*:*:*:*", "matchCriteriaId": "09B35C0E-6CBA-4B6B-BCD2-F5CC0BF8CF53", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192."}, {"lang": "es", "value": "Cisco Prime Infrastructure 1.2.0 hasta la versi\u00f3n 2.2(2) y Cisco Evolved Programmable Network Manager (EPNM) 1.2 permiten a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos deserializados manipulados en una petici\u00f3n HTTP POST, tambi\u00e9n conocido como Bug ID CSCuw03192."}], "id": "CVE-2016-1291", "lastModified": "2019-07-29T17:47:15.557", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-04-06T23:59:11.847", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id/1035497"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://blogs.securiteam.com/index.php/archives/2727"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}