#VU647 Information modification in Cisco Systems, Inc products - CVE-2016-6412
Vulnerability identifier: #VU647
Vulnerability risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Cisco IOS XE
Operating systems & Components /
Operating system
Cisco IOS
Operating systems & Components /
Operating system
Cisco IOS XR
Operating systems & Components /
Operating system
Vendor: Cisco Systems, Inc
Description
The vulnerabiity allows a remote user to modify user's information on the target system.
The weakness exists due to input validation flaw in the Cisco Application-hosting Framework (CAF) component. By insertion specially crafted HTTP headers into the communications path between the user and the target IOS system attackers can download an arbitrary file.
Successful exploitation of the vulnerability may result in modification of target user's data.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Cisco IOS XE: 3.15S, 3.16S, 3.17S
Cisco IOS: 12.0, 12.1, 12.2 - 12.2.33, 12.3, 12.4, 15.2(2)ea - 15.2(4)ea
Cisco IOS XR: 5.1.0 - 5.1.3, 5.2.0 - 5.2.4, 5.3.0 - 5.3.3, 6.0.1
External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-caf1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
