Vulnerabilities > CVE-2016-1443 - 7PK - Security Features vulnerability in Cisco AMP Threat Grid Appliance

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

cisco

CWE-254

NVD

Published: 2016-07-07

Updated: 2019-11-14

Summary

The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote attackers to bypass a sandbox protection mechanism, and consequently obtain sensitive interprocess information or modify interprocess data, via a crafted malware sample.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco AMP Threat Grid Appliance 1.0 Cisco AMP Threat Grid Appliance 1.1 Cisco AMP Threat Grid Appliance 1.2 Cisco AMP Threat Grid Appliance 1.2.1 Cisco AMP Threat Grid Appliance 1.3 Cisco AMP Threat Grid Appliance 1.4 Cisco AMP Threat Grid Appliance 1.4.1 Cisco AMP Threat Grid Appliance 1.4.2 Cisco AMP Threat Grid Appliance 1.4.3 Cisco AMP Threat Grid Appliance 1.4.4 Cisco AMP Threat Grid Appliance 1.4.5 Cisco AMP Threat Grid Appliance 1.4.6 Cisco AMP Threat Grid Appliance 2.0 Cisco AMP Threat Grid Appliance 2.0.1 Cisco AMP Threat Grid Appliance 2.0.2 Cisco AMP Threat Grid Appliance 2.0.3 Cisco AMP Threat Grid Appliance 2.0.4 Cisco AMP Threat Grid Appliance 2.1	18

Common Weakness Enumeration (CWE)

CWE-254 - 7PK - Security Features

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160706-tg