CyberSec.Space Logo
返回 CVE 浏览器

CVE-2016-6367

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score52.5880%
EPSS Percentile85.74th
Published2016年8月18日
Last Modified2026年4月22日

Vulnerability Description

Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA.

Affected Platforms (CPE)

💻
Cisco

Adaptive Security Appliance Software

>= 7.2.0 and < 8.4\(3\)
💻
Cisco

Adaptive Security Appliance Software

>= 8.5 and < 9.0\(1\)

References & Advisories

🔗 http://blogs.cisco.com/security/shadow-brokers
🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli
🔗 http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516
🔗 http://www.securityfocus.com/bid/92520
🔗 http://www.securitytracker.com/id/1036636
🔗 https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip
🔗 https://www.exploit-db.com/exploits/40271/
🔗 http://blogs.cisco.com/security/shadow-brokers

相关漏洞威胁

CVE-2013-550910.0

The SSL implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0 before 9.0(2.6) and 9.1 before 9.1(2) allows remote...

CVE-2009-491910.0

Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attacker...

CVE-2009-491210.0

Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS c...

CVE-2013-551110.0

The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x...