CVE-2016-9091 - OpenCVE

Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:S/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Bluecoat	Content Analysis System Software Advanced Secure Gateway

Configuration 1 [-]

OR	cpe:2.3:a:bluecoat:advanced_secure_gateway::::::::
	cpe:2.3:a:bluecoat:content_analysis_system_software::::::::

References

Link	Resource
http://www.securityfocus.com/bid/97372	VDB Entry Third Party Advisory
https://bto.bluecoat.com/security-advisory/sa138	Mitigation Vendor Advisory
https://www.exploit-db.com/exploits/41785/
https://www.exploit-db.com/exploits/41786/

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: symantec

Published: 2017-04-05T15:00:00

Updated: 2017-08-15T09:57:01

Reserved: 2016-10-28T00:00:00

Link: CVE-2016-9091

JSON object: View

NVD Information

Status : Modified

Published: 2017-04-05T15:59:00.170

Modified: 2017-08-16T01:29:11.507

Link: CVE-2016-9091

JSON object: View

Redhat Information

No data.

CWE

CWE-78

{"containers": {"cna": {"affected": [{"product": "Blue Coat ASG", "vendor": "Symantec Corporation", "versions": [{"status": "affected", "version": "6.6 prior to 6.6.5.4"}]}, {"product": "Blue Coat CAS", "vendor": "Symantec Corporation", "versions": [{"status": "affected", "version": "1.3 prior to 1.3.7.4"}]}], "datePublic": "2017-04-03T00:00:00", "descriptions": [{"lang": "en", "value": "Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges."}], "problemTypes": [{"descriptions": [{"description": "OS command injection", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-15T09:57:01", "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5", "shortName": "symantec"}, "references": [{"name": "97372", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/97372"}, {"name": "41785", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/41785/"}, {"name": "41786", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/41786/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bto.bluecoat.com/security-advisory/sa138"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@symantec.com", "ID": "CVE-2016-9091", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Blue Coat ASG", "version": {"version_data": [{"version_value": "6.6 prior to 6.6.5.4"}]}}, {"product_name": "Blue Coat CAS", "version": {"version_data": [{"version_value": "1.3 prior to 1.3.7.4"}]}}]}, "vendor_name": "Symantec Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "OS command injection"}]}]}, "references": {"reference_data": [{"name": "97372", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97372"}, {"name": "41785", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/41785/"}, {"name": "41786", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/41786/"}, {"name": "https://bto.bluecoat.com/security-advisory/sa138", "refsource": "CONFIRM", "url": "https://bto.bluecoat.com/security-advisory/sa138"}]}}}}, "cveMetadata": {"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5", "assignerShortName": "symantec", "cveId": "CVE-2016-9091", "datePublished": "2017-04-05T15:00:00", "dateReserved": "2016-10-28T00:00:00", "dateUpdated": "2017-08-15T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bluecoat:advanced_secure_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C0D9329-D60D-40F9-AE40-B5EDE0B52AB5", "versionEndIncluding": "6.6.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:bluecoat:content_analysis_system_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "DEFA49F6-C7C2-4450-9067-E06368A33C85", "versionEndIncluding": "1.3.7.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges."}, {"lang": "es", "value": "Blue Coat Advanced Security Gateway (ASG) 6.6 en versiones anteriores a 6.6.5.4 y el Sistema de An\u00e1lisis de Contenido (CAS) 1.3 en versiones anteriores a 1.3.7.4 son susceptibles a una vulnerabilidad de inyecci\u00f3n de comandos de OS. Un administrador malicioso autenticado puede ejecutar comandos de OS arbitrarios con privilegios de sistema elevados."}], "id": "CVE-2016-9091", "lastModified": "2017-08-16T01:29:11.507", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-04-05T15:59:00.170", "references": [{"source": "secure@symantec.com", "tags": ["VDB Entry", "Third Party Advisory"], "url": "http://www.securityfocus.com/bid/97372"}, {"source": "secure@symantec.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://bto.bluecoat.com/security-advisory/sa138"}, {"source": "secure@symantec.com", "url": "https://www.exploit-db.com/exploits/41785/"}, {"source": "secure@symantec.com", "url": "https://www.exploit-db.com/exploits/41786/"}], "sourceIdentifier": "secure@symantec.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}