CVE-2016-9212 - OpenCVE

A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to connect to a secure website over Secure Sockets Layer (SSL) or Transport Layer Security (TLS), even if the WSA is configured to block connections to the website. Affected Products: This vulnerability affects Cisco Web Security Appliances if the HTTPS decryption options are enabled and configured for the device to block connections to certain websites. More Information: CSCvb49012. Known Affected Releases: 9.0.1-162 9.1.1-074.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Web Security Appliance

Configuration 1 [-]

OR	cpe:2.3:a:cisco:web_security_appliance:9.0.1-162:::::::*
	cpe:2.3:a:cisco:web_security_appliance:9.1.1-074:::::::*

References

Link	Resource
http://www.securityfocus.com/bid/94774	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1037410	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-wsa1	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2016-12-14T00:37:00

Updated: 2016-12-20T21:57:01

Reserved: 2016-11-06T00:00:00

Link: CVE-2016-9212

JSON object: View

NVD Information

Status : Analyzed

Published: 2016-12-14T00:59:34.303

Modified: 2016-12-22T21:12:08.837

Link: CVE-2016-9212

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "Cisco Web Security Appliance", "vendor": "n/a", "versions": [{"status": "affected", "version": "Cisco Web Security Appliance"}]}], "datePublic": "2016-12-13T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to connect to a secure website over Secure Sockets Layer (SSL) or Transport Layer Security (TLS), even if the WSA is configured to block connections to the website. Affected Products: This vulnerability affects Cisco Web Security Appliances if the HTTPS decryption options are enabled and configured for the device to block connections to certain websites. More Information: CSCvb49012. Known Affected Releases: 9.0.1-162 9.1.1-074."}], "problemTypes": [{"descriptions": [{"description": "unspecified", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-20T21:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-wsa1"}, {"name": "94774", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/94774"}, {"name": "1037410", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037410"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2016-9212", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Web Security Appliance", "version": {"version_data": [{"version_value": "Cisco Web Security Appliance"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to connect to a secure website over Secure Sockets Layer (SSL) or Transport Layer Security (TLS), even if the WSA is configured to block connections to the website. Affected Products: This vulnerability affects Cisco Web Security Appliances if the HTTPS decryption options are enabled and configured for the device to block connections to certain websites. More Information: CSCvb49012. Known Affected Releases: 9.0.1-162 9.1.1-074."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unspecified"}]}]}, "references": {"reference_data": [{"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-wsa1", "refsource": "CONFIRM", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-wsa1"}, {"name": "94774", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94774"}, {"name": "1037410", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037410"}]}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2016-9212", "datePublished": "2016-12-14T00:37:00", "dateReserved": "2016-11-06T00:00:00", "dateUpdated": "2016-12-20T21:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:web_security_appliance:9.0.1-162:*:*:*:*:*:*:*", "matchCriteriaId": "133F003C-6043-4E53-BF1F-D8609B6C551B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:9.1.1-074:*:*:*:*:*:*:*", "matchCriteriaId": "35F4D6C1-3493-400B-AAE8-E2C00AE53BE2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to connect to a secure website over Secure Sockets Layer (SSL) or Transport Layer Security (TLS), even if the WSA is configured to block connections to the website. Affected Products: This vulnerability affects Cisco Web Security Appliances if the HTTPS decryption options are enabled and configured for the device to block connections to certain websites. More Information: CSCvb49012. Known Affected Releases: 9.0.1-162 9.1.1-074."}, {"lang": "es", "value": "Una vulnerabilidad en el par\u00e1metro de configuraci\u00f3n Decrypt for End-User Notification en Cisco AsyncOS Software para Cisco Web Security Appliances podr\u00eda permitir a un atacante remoto no autenticado conectarse a un sitio web seguro sobre Secure Sockets Layer (SSL) o Transport Layer Security (TLS), incluso si el WSA est\u00e1 configurado para bloquear conexiones al sitio web. Productos Afectados: Esta vulnerabilidad afecta a Cisco Web Security Appliances si las opciones de descifrado est\u00e1n activadas y configuradas para el dispositivo para bloquear conexiones a ciertos sitios web. M\u00e1s Informaci\u00f3n: CSCvb49012. Lanzamientos Afectados Conocidos: 9.0.1-162 9.1.1-074."}], "id": "CVE-2016-9212", "lastModified": "2016-12-22T21:12:08.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-12-14T00:59:34.303", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94774"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1037410"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-wsa1"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}