CVE-2016-5410 : firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentica

firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.

Published 2017-04-19 14:59:00

Updated 2017-04-25 14:59:10

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: BypassGain privilege

Products affected by CVE-2016-5410

Redhat » Enterprise Linux Desktop » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Workstation » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Hpc Node » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
Matching versions
Firewalld » Firewalld
Versions up to, including, (<=) 0.4.3.2
cpe:2.3:a:firewalld:firewalld:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2016-5410

EPSS FAQ

0.06%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 16 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-5410

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.1	LOW	AV:L/AC:L/Au:N/C:N/I:P/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None
5.5	MEDIUM	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N	1.8	3.6	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: None

CWE ids for CVE-2016-5410

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-5410

https://bugzilla.redhat.com/show_bug.cgi?id=1360135

1360135 – (CVE-2016-5410) CVE-2016-5410 firewalld: Firewall configuration can be modified by any logged in user
Issue Tracking;Patch
http://www.firewalld.org/2016/08/firewalld-0-4-3-3-release

firewalld 0.4.3.3 release | firewalld
Patch;Vendor Advisory
http://www.openwall.com/lists/oss-security/2016/08/16/3

oss-security - firewalld: Firewall configuration can be modified by any logged in user
Mailing List
http://rhn.redhat.com/errata/RHSA-2016-2597.html

RHSA-2016:2597 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJMYLGRVKIPJEI3VZJ4WQZT7FBQ5BKO/

[SECURITY] Fedora 25 Update: firewalld-0.4.3.3-1.fc25 - package-announce - Fedora Mailing-Lists
Third Party Advisory
http://www.securityfocus.com/bid/92481

FirewallD CVE-2016-5410 Security Bypass Vulnerability
Third Party Advisory;VDB Entry
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DPM3GUQRU2KPRXDEQLAMCDQEAIARJSBT/

[SECURITY] Fedora 24 Update: firewalld-0.4.3.3-1.fc24 - package-announce - Fedora Mailing-Lists
Third Party Advisory
https://security.gentoo.org/glsa/201701-70

Firewalld: Improper authentication methods (GLSA 201701-70) — Gentoo security
Third Party Advisory

Jump to

Vulnerability Details : CVE-2016-5410

Products affected by CVE-2016-5410

Exploit prediction scoring system (EPSS) score for CVE-2016-5410

CVSS scores for CVE-2016-5410

CWE ids for CVE-2016-5410

References for CVE-2016-5410