CVE-2016-6366 vulnerability in Cisco Products
Published on August 18, 2016

Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Known Exploited Vulnerability

This Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. A buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco ASA software could allow an attacker to cause a reload of the affected system or to remotely execute code.

The following remediation steps are recommended / required by June 14, 2022: Apply updates per vendor instructions.

Vulnerability Analysis

CVE-2016-6366 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

What is a Buffer Overflow Vulnerability?

The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

CVE-2016-6366 has been classified to as a Buffer Overflow vulnerability or weakness.

Products Associated with CVE-2016-6366

You can be notified by stack.watch whenever vulnerabilities like CVE-2016-6366 are published in these products:

Cisco Firepower Threat Defense Software

Cisco Firepower Services Software Asa

Cisco Pix Firewall

Cisco Adaptive Security Appliance Software

Cisco Asa 1000v Cloud Firewall Software

What versions are vulnerable to CVE-2016-6366?

Cisco Firepower Threat Defense Software Version 6.0.0
Cisco Firepower Threat Defense Software Version 6.0.1

Cisco Firepower Services Software Asa Version 5.4.1
Cisco Firepower Services Software Asa Version 5.4.0
Cisco Firepower Services Software Asa Version 5.4.1.5
Cisco Firepower Services Software Asa Version 5.4.1.3
Cisco Firepower Services Software Asa Version 5.4.1.1
Cisco Firepower Services Software Asa Version 5.4.1.6
Cisco Firepower Services Software Asa Version 5.4.1.4
Cisco Firepower Services Software Asa Version 5.4.1.7
Cisco Firepower Services Software Asa Version 5.4.1.2

Cisco Pix Firewall Version 525_6.3
Cisco Pix Firewall Version 515_base
Cisco Pix Firewall Version 525_base
Cisco Pix Firewall Version base
Cisco Pix Firewall Version 520_base
Cisco Pix Firewall Version 535_base
Cisco Pix Firewall Version 501_base
Cisco Pix Firewall Version 515e_base
Cisco Pix Firewall Version 506_base

Cisco Adaptive Security Appliance Software Version 9.3.2
Cisco Adaptive Security Appliance Software Version 9.1.1.4
Cisco Adaptive Security Appliance Software Version 9.1.4
Cisco Adaptive Security Appliance Software Version 8.6.1.12
Cisco Adaptive Security Appliance Software Version 9.2.2.7
Cisco Adaptive Security Appliance Software Version 9.1.5.21
Cisco Adaptive Security Appliance Software Version 9.1.3
Cisco Adaptive Security Appliance Software Version 9.1.2
Cisco Adaptive Security Appliance Software Version 9.2.3
Cisco Adaptive Security Appliance Software Version 9.3.1.1
Cisco Adaptive Security Appliance Software Version 9.1.1
Cisco Adaptive Security Appliance Software Version 9.2.2.8
Cisco Adaptive Security Appliance Software Version 9.3.1
Cisco Adaptive Security Appliance Software Version 9.1.2.8
Cisco Adaptive Security Appliance Software Version 9.1.5.15
Cisco Adaptive Security Appliance Software Version 9.1.5.10
Cisco Adaptive Security Appliance Software Version 9.2.1
Cisco Adaptive Security Appliance Software Version 9.3.2.2
Cisco Adaptive Security Appliance Software Version 9.1.5
Cisco Adaptive Security Appliance Software Version 9.2.2.4
Cisco Adaptive Security Appliance Software Version 9.1.5.12
Cisco Adaptive Security Appliance Software Version 9.1.3.2
Cisco Adaptive Security Appliance Software Version 9.1.4.5
Cisco Adaptive Security Appliance Software Version 9.2.2
Cisco Adaptive Security Appliance Software Version 9.3.3.2
Cisco Adaptive Security Appliance Software Version 7.0.7.1
Cisco Adaptive Security Appliance Software Version 9.1.6.6
Cisco Adaptive Security Appliance Software Version 7.0.7.9
Cisco Adaptive Security Appliance Software Version 7.0.7.12
Cisco Adaptive Security Appliance Software Version 9.1.6.1
Cisco Adaptive Security Appliance Software Version 9.2\(3.1\)
Cisco Adaptive Security Appliance Software Version 9.3\(2.100\)
Cisco Adaptive Security Appliance Software Version 7.0.6.4
Cisco Adaptive Security Appliance Software Version 7.0.8.13
Cisco Adaptive Security Appliance Software Version 7.0.3
Cisco Adaptive Security Appliance Software Version 9.2.4.2
Cisco Adaptive Security Appliance Software Version 7.0.8.2
Cisco Adaptive Security Appliance Software Version 7.0.7.4
Cisco Adaptive Security Appliance Software Version 9.4.2.3
Cisco Adaptive Security Appliance Software Version 9.2\(0.104\)
Cisco Adaptive Security Appliance Software Version 9.4.1.2
Cisco Adaptive Security Appliance Software Version 7.0.4
Cisco Adaptive Security Appliance Software Version 7.0.1
Cisco Adaptive Security Appliance Software Version 9.2\(0.0\)
Cisco Adaptive Security Appliance Software Version 7.0.7
Cisco Adaptive Security Appliance Software Version 7.0.2
Cisco Adaptive Security Appliance Software Version 7.0.1.4
Cisco Adaptive Security Appliance Software Version 9.3\(1.105\)
Cisco Adaptive Security Appliance Software Version 9.1.6
Cisco Adaptive Security Appliance Software Version 9.3.3
Cisco Adaptive Security Appliance Software Version 9.1.6.10
Cisco Adaptive Security Appliance Software Version 9.3.3.5
Cisco Adaptive Security Appliance Software Version 9.2.4
Cisco Adaptive Security Appliance Software Version 9.1.6.4
Cisco Adaptive Security Appliance Software Version 7.0.6
Cisco Adaptive Security Appliance Software Version 9.2.3.3
Cisco Adaptive Security Appliance Software Version 9.4.2
Cisco Adaptive Security Appliance Software Version 7.0.6.8
Cisco Adaptive Security Appliance Software Version 7.0.8.8
Cisco Adaptive Security Appliance Software Version 9.2.3.4
Cisco Adaptive Security Appliance Software Version 9.3.3.1
Cisco Adaptive Security Appliance Software Version 7.0.6.18
Cisco Adaptive Security Appliance Software Version 9.4.1.5
Cisco Adaptive Security Appliance Software Version 7.0.6.32
Cisco Adaptive Security Appliance Software Version 9.4.1.3
Cisco Adaptive Security Appliance Software Version 7.0.8.12
Cisco Adaptive Security Appliance Software Version 7.0.5
Cisco Adaptive Security Appliance Software Version 9.4.1
Cisco Adaptive Security Appliance Software Version 7.0.4.2
Cisco Adaptive Security Appliance Software Version 9.1.6.8
Cisco Adaptive Security Appliance Software Version 9.3\(2.243\)
Cisco Adaptive Security Appliance Software Version 9.3.5
Cisco Adaptive Security Appliance Software Version 9.3\(1.50\)
Cisco Adaptive Security Appliance Software Version 9.4.0.115
Cisco Adaptive Security Appliance Software Version 7.0.6.29
Cisco Adaptive Security Appliance Software Version 9.2.4.4
Cisco Adaptive Security Appliance Software Version 7.0.5.12
Cisco Adaptive Security Appliance Software Version 7.0.8
Cisco Adaptive Security Appliance Software Version 7.0.6.22
Cisco Adaptive Security Appliance Software Version 9.4.1.1
Cisco Adaptive Security Appliance Software Version 7.0.6.26
Cisco Adaptive Security Appliance Software Version 9.3.3.6
Cisco Adaptive Security Appliance Software Version 7.2.4.30
Cisco Adaptive Security Appliance Software Version 7.1.2.24
Cisco Adaptive Security Appliance Software Version 7.2.4.18
Cisco Adaptive Security Appliance Software Version 7.1.2.81
Cisco Adaptive Security Appliance Software Version 7.2.3.12
Cisco Adaptive Security Appliance Software Version 7.2.5.7
Cisco Adaptive Security Appliance Software Version 7.2.1.24
Cisco Adaptive Security Appliance Software Version 7.2.3.16
Cisco Adaptive Security Appliance Software Version 7.2.1.13
Cisco Adaptive Security Appliance Software Version 7.2.2.10
Cisco Adaptive Security Appliance Software Version 7.1.2.16
Cisco Adaptive Security Appliance Software Version 7.1.2.28
Cisco Adaptive Security Appliance Software Version 7.1.2.20
Cisco Adaptive Security Appliance Software Version 7.2.4.33
Cisco Adaptive Security Appliance Software Version 7.2.2.22
Cisco Adaptive Security Appliance Software Version 7.1.2.64
Cisco Adaptive Security Appliance Software Version 7.2.5.12
Cisco Adaptive Security Appliance Software Version 7.2.3
Cisco Adaptive Security Appliance Software Version 7.2.5.16
Cisco Adaptive Security Appliance Software Version 7.2.1.19
Cisco Adaptive Security Appliance Software Version 7.2.4.27
Cisco Adaptive Security Appliance Software Version 7.1.2.46
Cisco Adaptive Security Appliance Software Version 7.2.2.14
Cisco Adaptive Security Appliance Software Version 7.2.2.18
Cisco Adaptive Security Appliance Software Version 7.2.5.4
Cisco Adaptive Security Appliance Software Version 7.1.2.61
Cisco Adaptive Security Appliance Software Version 7.2.3.1
Cisco Adaptive Security Appliance Software Version 7.2.5.10
Cisco Adaptive Security Appliance Software Version 7.2.1.9
Cisco Adaptive Security Appliance Software Version 7.1.2.42
Cisco Adaptive Security Appliance Software Version 7.2.2.6
Cisco Adaptive Security Appliance Software Version 7.2.4.9
Cisco Adaptive Security Appliance Software Version 7.2.2
Cisco Adaptive Security Appliance Software Version 7.2.2.34
Cisco Adaptive Security Appliance Software Version 7.1.2.49
Cisco Adaptive Security Appliance Software Version 7.2.5.2
Cisco Adaptive Security Appliance Software Version 7.1.2.72
Cisco Adaptive Security Appliance Software Version 7.1.2.53
Cisco Adaptive Security Appliance Software Version 7.2.4.25
Cisco Adaptive Security Appliance Software Version 7.2.4.6
Cisco Adaptive Security Appliance Software Version 7.2.2.19
Cisco Adaptive Security Appliance Software Version 7.2.4
Cisco Adaptive Security Appliance Software Version 7.1.2.38
Cisco Adaptive Security Appliance Software Version 7.2.5
Cisco Adaptive Security Appliance Software Version 7.2.5.8
Cisco Adaptive Security Appliance Software Version 7.1.2
Cisco Adaptive Security Appliance Software Version 7.2.1
Cisco Adaptive Security Appliance Software Version 8.3.2.40
Cisco Adaptive Security Appliance Software Version 8.3.1
Cisco Adaptive Security Appliance Software Version 8.0.4.28
Cisco Adaptive Security Appliance Software Version 8.2.2
Cisco Adaptive Security Appliance Software Version 8.3.1.1
Cisco Adaptive Security Appliance Software Version 8.0.1.2
Cisco Adaptive Security Appliance Software Version 8.0.5.27
Cisco Adaptive Security Appliance Software Version 8.0.4.33
Cisco Adaptive Security Appliance Software Version 8.3.1.6
Cisco Adaptive Security Appliance Software Version 8.2.5.40
Cisco Adaptive Security Appliance Software Version 8.1.2.49
Cisco Adaptive Security Appliance Software Version 8.2.1
Cisco Adaptive Security Appliance Software Version 8.2.2.12
Cisco Adaptive Security Appliance Software Version 8.0.4.3
Cisco Adaptive Security Appliance Software Version 8.2.5.22
Cisco Adaptive Security Appliance Software Version 8.2.5.33
Cisco Adaptive Security Appliance Software Version 8.2.5.41
Cisco Adaptive Security Appliance Software Version 8.2.4.4
Cisco Adaptive Security Appliance Software Version 8.2.2.10
Cisco Adaptive Security Appliance Software Version 8.0.5.23
Cisco Adaptive Security Appliance Software Version 8.3.2.37
Cisco Adaptive Security Appliance Software Version 8.1.1
Cisco Adaptive Security Appliance Software Version 8.3.2.39
Cisco Adaptive Security Appliance Software Version 8.0.4.25
Cisco Adaptive Security Appliance Software Version 8.0.4.16
Cisco Adaptive Security Appliance Software Version 8.2.5.26
Cisco Adaptive Security Appliance Software Version 8.0.5.20
Cisco Adaptive Security Appliance Software Version 8.0.4.9
Cisco Adaptive Security Appliance Software Version 8.1.2
Cisco Adaptive Security Appliance Software Version 8.3.2
Cisco Adaptive Security Appliance Software Version 8.3.2.33
Cisco Adaptive Security Appliance Software Version 8.2.4
Cisco Adaptive Security Appliance Software Version 8.1.2.24
Cisco Adaptive Security Appliance Software Version 8.2.5.57
Cisco Adaptive Security Appliance Software Version 8.3.2.41
Cisco Adaptive Security Appliance Software Version 8.1.2.23
Cisco Adaptive Security Appliance Software Version 8.2.4.1
Cisco Adaptive Security Appliance Software Version 8.2.3
Cisco Adaptive Security Appliance Software Version 8.3.1.4
Cisco Adaptive Security Appliance Software Version 8.3.2.44
Cisco Adaptive Security Appliance Software Version 8.0.5.28
Cisco Adaptive Security Appliance Software Version 8.0.4.31
Cisco Adaptive Security Appliance Software Version 8.3.2.34
Cisco Adaptive Security Appliance Software Version 8.0.4.23
Cisco Adaptive Security Appliance Software Version 8.2.5.50
Cisco Adaptive Security Appliance Software Version 8.0.2
Cisco Adaptive Security Appliance Software Version 8.2.5
Cisco Adaptive Security Appliance Software Version 8.1.2.19
Cisco Adaptive Security Appliance Software Version 8.3.2.13
Cisco Adaptive Security Appliance Software Version 8.2.5.13
Cisco Adaptive Security Appliance Software Version 8.3.2.23
Cisco Adaptive Security Appliance Software Version 8.1.2.55
Cisco Adaptive Security Appliance Software Version 8.2.5.52
Cisco Adaptive Security Appliance Software Version 8.0.2.11
Cisco Adaptive Security Appliance Software Version 8.3.2.31
Cisco Adaptive Security Appliance Software Version 8.1.2.16
Cisco Adaptive Security Appliance Software Version 8.2.5.55
Cisco Adaptive Security Appliance Software Version 8.1.2.56
Cisco Adaptive Security Appliance Software Version 8.3.2.4
Cisco Adaptive Security Appliance Software Version 8.0.3.6
Cisco Adaptive Security Appliance Software Version 8.1.1.6
Cisco Adaptive Security Appliance Software Version 8.0.4.32
Cisco Adaptive Security Appliance Software Version 8.0.5.31
Cisco Adaptive Security Appliance Software Version 8.1.0.104
Cisco Adaptive Security Appliance Software Version 8.0.5
Cisco Adaptive Security Appliance Software Version 8.2.2.17
Cisco Adaptive Security Appliance Software Version 8.2.2.9
Cisco Adaptive Security Appliance Software Version 8.0.4
Cisco Adaptive Security Appliance Software Version 8.1.2.13
Cisco Adaptive Security Appliance Software Version 8.0.3.19
Cisco Adaptive Security Appliance Software Version 8.2.2.16
Cisco Adaptive Security Appliance Software Version 8.0.3
Cisco Adaptive Security Appliance Software Version 8.0.2.15
Cisco Adaptive Security Appliance Software Version 8.3.2.25
Cisco Adaptive Security Appliance Software Version 8.2.1.11
Cisco Adaptive Security Appliance Software Version 8.2.5.46
Cisco Adaptive Security Appliance Software Version 8.0.5.25
Cisco Adaptive Security Appliance Software Version 8.2.5.48
Cisco Adaptive Security Appliance Software Version 8.1.2.50
Cisco Adaptive Security Appliance Software Version 8.1.2.15
Cisco Adaptive Security Appliance Software Version 8.0.3.12
Cisco Adaptive Security Appliance Software Version 8.2.0.45
Cisco Adaptive Security Appliance Software Version 8.4.3
Cisco Adaptive Security Appliance Software Version 8.4.4.9
Cisco Adaptive Security Appliance Software Version 8.4.4
Cisco Adaptive Security Appliance Software Version 8.4.0
Cisco Adaptive Security Appliance Software Version 8.4.1.3
Cisco Adaptive Security Appliance Software Version 8.4.7.29
Cisco Adaptive Security Appliance Software Version 8.4.1.11
Cisco Adaptive Security Appliance Software Version 8.4.7.22
Cisco Adaptive Security Appliance Software Version 8.4.2.1
Cisco Adaptive Security Appliance Software Version 8.4.4.1
Cisco Adaptive Security Appliance Software Version 8.4.7
Cisco Adaptive Security Appliance Software Version 8.4.7.26
Cisco Adaptive Security Appliance Software Version 8.4.5
Cisco Adaptive Security Appliance Software Version 8.4.7.15
Cisco Adaptive Security Appliance Software Version 8.4.4.5
Cisco Adaptive Security Appliance Software Version 8.4.3.8
Cisco Adaptive Security Appliance Software Version 8.4.7.23
Cisco Adaptive Security Appliance Software Version 8.4.3.9
Cisco Adaptive Security Appliance Software Version 8.4.6
Cisco Adaptive Security Appliance Software Version 8.4.5.6
Cisco Adaptive Security Appliance Software Version 8.4.7.3
Cisco Adaptive Security Appliance Software Version 8.4.4.3
Cisco Adaptive Security Appliance Software Version 8.4.2.8
Cisco Adaptive Security Appliance Software Version 8.4.1
Cisco Adaptive Security Appliance Software Version 8.4.7.28
Cisco Adaptive Security Appliance Software Version 8.4.2
Cisco Adaptive Security Appliance Software Version 8.6.1
Cisco Adaptive Security Appliance Software Version 8.5.1.18
Cisco Adaptive Security Appliance Software Version 8.5.1.14
Cisco Adaptive Security Appliance Software Version 8.5.1.19
Cisco Adaptive Security Appliance Software Version 8.6.1.13
Cisco Adaptive Security Appliance Software Version 8.6.1.2
Cisco Adaptive Security Appliance Software Version 8.5.1.7
Cisco Adaptive Security Appliance Software Version 8.6.1.14
Cisco Adaptive Security Appliance Software Version 8.5.1.24
Cisco Adaptive Security Appliance Software Version 8.6.1.17
Cisco Adaptive Security Appliance Software Version 8.5.1.21
Cisco Adaptive Security Appliance Software Version 8.6.1.10
Cisco Adaptive Security Appliance Software Version 8.5.1.1
Cisco Adaptive Security Appliance Software Version 8.6.1.1
Cisco Adaptive Security Appliance Software Version 8.5.1
Cisco Adaptive Security Appliance Software Version 8.5.1.6
Cisco Adaptive Security Appliance Software Version 8.6.1.5
Cisco Adaptive Security Appliance Software Version 8.5.1.17
Cisco Adaptive Security Appliance Software Version 8.7.1.4
Cisco Adaptive Security Appliance Software Version 8.7.1.16
Cisco Adaptive Security Appliance Software Version 9.0.4.37
Cisco Adaptive Security Appliance Software Version 9.0.4
Cisco Adaptive Security Appliance Software Version 9.0.4.5
Cisco Adaptive Security Appliance Software Version 8.7.1.7
Cisco Adaptive Security Appliance Software Version 9.0.4.7
Cisco Adaptive Security Appliance Software Version 9.0.4.26
Cisco Adaptive Security Appliance Software Version 9.0.3.8
Cisco Adaptive Security Appliance Software Version 9.0.4.35
Cisco Adaptive Security Appliance Software Version 8.7.1.17
Cisco Adaptive Security Appliance Software Version 9.0.4.17
Cisco Adaptive Security Appliance Software Version 8.7.1
Cisco Adaptive Security Appliance Software Version 9.0.3.6
Cisco Adaptive Security Appliance Software Version 8.7.1.8
Cisco Adaptive Security Appliance Software Version 9.0.2.10
Cisco Adaptive Security Appliance Software Version 9.0.1
Cisco Adaptive Security Appliance Software Version 9.0.4.33
Cisco Adaptive Security Appliance Software Version 9.0.4.24
Cisco Adaptive Security Appliance Software Version 8.7.1.11
Cisco Adaptive Security Appliance Software Version 9.0.2
Cisco Adaptive Security Appliance Software Version 9.0.4.20
Cisco Adaptive Security Appliance Software Version 9.0.4.29
Cisco Adaptive Security Appliance Software Version 8.7.1.3
Cisco Adaptive Security Appliance Software Version 8.7.1.1
Cisco Adaptive Security Appliance Software Version 9.0.3
Cisco Adaptive Security Appliance Software Version 8.7.1.13
Cisco Adaptive Security Appliance Software Version 9.0.4.1

Cisco Asa 1000v Cloud Firewall Software Version 8.7.1.1
Cisco Asa 1000v Cloud Firewall Software Version 8.7.1