CVE-2016-6367 is a vulnerability in Cisco Adaptive Security Appliance Software
Published on August 18, 2016

Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Known Exploited Vulnerability

This Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. A vulnerability in the command-line interface (CLI) parser of Cisco ASA software could allow an authenticated, local attacker to create a denial-of-service condition or potentially execute code.

The following remediation steps are recommended / required by June 14, 2022: Apply updates per vendor instructions.

Vulnerability Analysis

CVE-2016-6367 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Products Associated with CVE-2016-6367

You can be notified by stack.watch whenever vulnerabilities like CVE-2016-6367 are published in these products:

Cisco Adaptive Security Appliance Software

What versions of Adaptive Security Appliance Software are vulnerable to CVE-2016-6367?

Cisco Adaptive Security Appliance Software Version 7.0.7.1
Cisco Adaptive Security Appliance Software Version 7.0.7.9
Cisco Adaptive Security Appliance Software Version 7.0.7.12
Cisco Adaptive Security Appliance Software Version 7.0.6.4
Cisco Adaptive Security Appliance Software Version 7.0.8.13
Cisco Adaptive Security Appliance Software Version 7.0.3
Cisco Adaptive Security Appliance Software Version 7.0.8.2
Cisco Adaptive Security Appliance Software Version 7.0.7.4
Cisco Adaptive Security Appliance Software Version 7.0.4
Cisco Adaptive Security Appliance Software Version 7.0.1
Cisco Adaptive Security Appliance Software Version 7.0.7
Cisco Adaptive Security Appliance Software Version 7.0.2
Cisco Adaptive Security Appliance Software Version 7.0.1.4
Cisco Adaptive Security Appliance Software Version 7.0.6
Cisco Adaptive Security Appliance Software Version 7.0.6.8
Cisco Adaptive Security Appliance Software Version 7.0.8.8
Cisco Adaptive Security Appliance Software Version 7.0.6.18
Cisco Adaptive Security Appliance Software Version 7.0.6.32
Cisco Adaptive Security Appliance Software Version 7.0.8.12
Cisco Adaptive Security Appliance Software Version 7.0.5
Cisco Adaptive Security Appliance Software Version 7.0.4.2
Cisco Adaptive Security Appliance Software Version 7.0.6.29
Cisco Adaptive Security Appliance Software Version 7.0.5.12
Cisco Adaptive Security Appliance Software Version 7.0.8
Cisco Adaptive Security Appliance Software Version 7.0.6.22
Cisco Adaptive Security Appliance Software Version 7.0.6.26
Cisco Adaptive Security Appliance Software Version 7.2.4.30
Cisco Adaptive Security Appliance Software Version 7.1.2.24
Cisco Adaptive Security Appliance Software Version 7.2.4.18
Cisco Adaptive Security Appliance Software Version 7.1.2.81
Cisco Adaptive Security Appliance Software Version 7.2.3.12
Cisco Adaptive Security Appliance Software Version 7.2.5.7
Cisco Adaptive Security Appliance Software Version 7.2.1.24
Cisco Adaptive Security Appliance Software Version 7.2.3.16
Cisco Adaptive Security Appliance Software Version 7.2.1.13
Cisco Adaptive Security Appliance Software Version 7.2.2.10
Cisco Adaptive Security Appliance Software Version 7.1.2.16
Cisco Adaptive Security Appliance Software Version 7.1.2.28
Cisco Adaptive Security Appliance Software Version 7.1.2.20
Cisco Adaptive Security Appliance Software Version 7.2.4.33
Cisco Adaptive Security Appliance Software Version 7.2.2.22
Cisco Adaptive Security Appliance Software Version 7.1.2.64
Cisco Adaptive Security Appliance Software Version 7.2.5.12
Cisco Adaptive Security Appliance Software Version 7.2.3
Cisco Adaptive Security Appliance Software Version 7.2.5.16
Cisco Adaptive Security Appliance Software Version 7.2.1.19
Cisco Adaptive Security Appliance Software Version 7.2.4.27
Cisco Adaptive Security Appliance Software Version 7.1.2.46
Cisco Adaptive Security Appliance Software Version 7.2.2.14
Cisco Adaptive Security Appliance Software Version 7.2.2.18
Cisco Adaptive Security Appliance Software Version 7.2.5.4
Cisco Adaptive Security Appliance Software Version 7.1.2.61
Cisco Adaptive Security Appliance Software Version 7.2.3.1
Cisco Adaptive Security Appliance Software Version 7.2.5.10
Cisco Adaptive Security Appliance Software Version 7.2.1.9
Cisco Adaptive Security Appliance Software Version 7.1.2.42
Cisco Adaptive Security Appliance Software Version 7.2.2.6
Cisco Adaptive Security Appliance Software Version 7.2.4.9
Cisco Adaptive Security Appliance Software Version 7.2.2
Cisco Adaptive Security Appliance Software Version 7.2.2.34
Cisco Adaptive Security Appliance Software Version 7.1.2.49
Cisco Adaptive Security Appliance Software Version 7.2.5.2
Cisco Adaptive Security Appliance Software Version 7.1.2.72
Cisco Adaptive Security Appliance Software Version 7.1.2.53
Cisco Adaptive Security Appliance Software Version 7.2.4.25
Cisco Adaptive Security Appliance Software Version 7.2.4.6
Cisco Adaptive Security Appliance Software Version 7.2.2.19
Cisco Adaptive Security Appliance Software Version 7.2.4
Cisco Adaptive Security Appliance Software Version 7.1.2.38
Cisco Adaptive Security Appliance Software Version 7.2.5
Cisco Adaptive Security Appliance Software Version 7.2.5.8
Cisco Adaptive Security Appliance Software Version 7.1.2
Cisco Adaptive Security Appliance Software Version 7.2.1
Cisco Adaptive Security Appliance Software Version 8.3.2.40
Cisco Adaptive Security Appliance Software Version 8.3.1
Cisco Adaptive Security Appliance Software Version 8.0.4.28
Cisco Adaptive Security Appliance Software Version 8.2.2
Cisco Adaptive Security Appliance Software Version 8.3.1.1
Cisco Adaptive Security Appliance Software Version 8.0.1.2
Cisco Adaptive Security Appliance Software Version 8.0.5.27
Cisco Adaptive Security Appliance Software Version 8.0.4.33
Cisco Adaptive Security Appliance Software Version 8.3.1.6
Cisco Adaptive Security Appliance Software Version 8.2.5.40
Cisco Adaptive Security Appliance Software Version 8.1.2.49
Cisco Adaptive Security Appliance Software Version 8.2.1
Cisco Adaptive Security Appliance Software Version 8.2.2.12
Cisco Adaptive Security Appliance Software Version 8.0.4.3
Cisco Adaptive Security Appliance Software Version 8.2.5.22
Cisco Adaptive Security Appliance Software Version 8.2.5.33
Cisco Adaptive Security Appliance Software Version 8.2.5.41
Cisco Adaptive Security Appliance Software Version 8.2.4.4
Cisco Adaptive Security Appliance Software Version 8.2.2.10
Cisco Adaptive Security Appliance Software Version 8.0.5.23
Cisco Adaptive Security Appliance Software Version 8.3.2.37
Cisco Adaptive Security Appliance Software Version 8.1.1
Cisco Adaptive Security Appliance Software Version 8.3.2.39
Cisco Adaptive Security Appliance Software Version 8.0.4.25
Cisco Adaptive Security Appliance Software Version 8.0.4.16
Cisco Adaptive Security Appliance Software Version 8.2.5.26
Cisco Adaptive Security Appliance Software Version 8.0.5.20
Cisco Adaptive Security Appliance Software Version 8.0.4.9
Cisco Adaptive Security Appliance Software Version 8.1.2
Cisco Adaptive Security Appliance Software Version 8.3.2
Cisco Adaptive Security Appliance Software Version 8.3.2.33
Cisco Adaptive Security Appliance Software Version 8.2.4
Cisco Adaptive Security Appliance Software Version 8.1.2.24
Cisco Adaptive Security Appliance Software Version 8.2.5.57
Cisco Adaptive Security Appliance Software Version 8.3.2.41
Cisco Adaptive Security Appliance Software Version 8.1.2.23
Cisco Adaptive Security Appliance Software Version 8.2.4.1
Cisco Adaptive Security Appliance Software Version 8.2.3
Cisco Adaptive Security Appliance Software Version 8.3.1.4
Cisco Adaptive Security Appliance Software Version 8.3.2.44
Cisco Adaptive Security Appliance Software Version 8.0.5.28
Cisco Adaptive Security Appliance Software Version 8.0.4.31
Cisco Adaptive Security Appliance Software Version 8.3.2.34
Cisco Adaptive Security Appliance Software Version 8.0.4.23
Cisco Adaptive Security Appliance Software Version 8.2.5.50
Cisco Adaptive Security Appliance Software Version 8.0.2
Cisco Adaptive Security Appliance Software Version 8.2.5
Cisco Adaptive Security Appliance Software Version 8.1.2.19
Cisco Adaptive Security Appliance Software Version 8.3.2.13
Cisco Adaptive Security Appliance Software Version 8.2.5.13
Cisco Adaptive Security Appliance Software Version 8.3.2.23
Cisco Adaptive Security Appliance Software Version 8.1.2.55
Cisco Adaptive Security Appliance Software Version 8.2.5.52
Cisco Adaptive Security Appliance Software Version 8.0.2.11
Cisco Adaptive Security Appliance Software Version 8.3.2.31
Cisco Adaptive Security Appliance Software Version 8.1.2.16
Cisco Adaptive Security Appliance Software Version 8.2.5.55
Cisco Adaptive Security Appliance Software Version 8.1.2.56
Cisco Adaptive Security Appliance Software Version 8.3.2.4
Cisco Adaptive Security Appliance Software Version 8.0.3.6
Cisco Adaptive Security Appliance Software Version 8.1.1.6
Cisco Adaptive Security Appliance Software Version 8.0.4.32
Cisco Adaptive Security Appliance Software Version 8.0.5.31
Cisco Adaptive Security Appliance Software Version 8.1.0.104
Cisco Adaptive Security Appliance Software Version 8.0.5
Cisco Adaptive Security Appliance Software Version 8.2.2.17
Cisco Adaptive Security Appliance Software Version 8.2.2.9
Cisco Adaptive Security Appliance Software Version 8.0.4
Cisco Adaptive Security Appliance Software Version 8.1.2.13
Cisco Adaptive Security Appliance Software Version 8.0.3.19
Cisco Adaptive Security Appliance Software Version 8.2.2.16
Cisco Adaptive Security Appliance Software Version 8.0.3
Cisco Adaptive Security Appliance Software Version 8.0.2.15
Cisco Adaptive Security Appliance Software Version 8.3.2.25
Cisco Adaptive Security Appliance Software Version 8.2.1.11
Cisco Adaptive Security Appliance Software Version 8.2.5.46
Cisco Adaptive Security Appliance Software Version 8.0.5.25
Cisco Adaptive Security Appliance Software Version 8.2.5.48
Cisco Adaptive Security Appliance Software Version 8.1.2.50
Cisco Adaptive Security Appliance Software Version 8.1.2.15
Cisco Adaptive Security Appliance Software Version 8.0.3.12
Cisco Adaptive Security Appliance Software Version 8.2.0.45

CVE-2016-6367 is a vulnerability in Cisco Adaptive Security Appliance SoftwarePublished on August 18, 2016

Known Exploited Vulnerability

Vulnerability Analysis

Products Associated with CVE-2016-6367

What versions of Adaptive Security Appliance Software are vulnerable to CVE-2016-6367?

CVE-2016-6367 is a vulnerability in Cisco Adaptive Security Appliance Software
Published on August 18, 2016