{"api_version":"1","generated_at":"2026-04-23T14:01:30+00:00","cve":"CVE-2016-6366","urls":{"html":"https://cve.report/CVE-2016-6366","api":"https://cve.report/api/cve/CVE-2016-6366.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2016-6366","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2016-6366"},"summary":{"title":"CVE-2016-6366","description":"Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON.","state":"PUBLISHED","assigner":"cisco","published_at":"2016-08-18 18:59:00","updated_at":"2026-04-22 15:42:51"},"problem_types":["CWE-120","n/a","CWE-120 CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"8.8","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"ADP","type":"DECLARED","score":"8.8","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"8.8","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"8.5","severity":"","vector":"AV:N/AC:M/Au:S/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:C/I:C/A:C","baseScore":8.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.securitytracker.com/id/1036637","name":"http://www.securitytracker.com/id/1036637","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"],"title":"Cisco ASA SNMP Buffer Overflow Lets Remote Users Deny Service or Execute Arbitrary Code - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/92521","name":"http://www.securityfocus.com/bid/92521","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Not Applicable","Third Party Advisory","VDB Entry"],"title":"Cisco Adaptive Security Appliance Products CVE-2016-6366 Buffer Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.exploit-db.com/exploits/40258/","name":"https://www.exploit-db.com/exploits/40258/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"Cisco ASA 8.x - 'EXTRABACON' Authentication Bypass - Hardware remote Exploit","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40258.zip","name":"https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40258.zip","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Exploit"],"title":"Page not found · GitHub · GitHub","mime":"text/html","httpstatus":"404","archivestatus":"404"},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-6366","name":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-6366","refsource":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://zerosum0x0.blogspot.com/2016/09/reverse-engineering-cisco-asa-for.html","name":"https://zerosum0x0.blogspot.com/2016/09/reverse-engineering-cisco-asa-for.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Technical Description"],"title":"zerosum0x0: Reverse Engineering Cisco ASA for EXTRABACON Offsets","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp","name":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://blogs.cisco.com/security/shadow-brokers","name":"http://blogs.cisco.com/security/shadow-brokers","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Press/Media Coverage","Vendor Advisory"],"title":"The Shadow Brokers EPICBANANA and EXTRABACON Exploits","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516","name":"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Cisco Event Response: Cisco ASA and IOS Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2016-6366","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-6366","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2016","cve_id":"6366","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"cisco","cpe5":"adaptive_security_appliance_software","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"6366","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"pix_firewall_501","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"6366","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"pix_firewall_506","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"6366","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"pix_firewall_506e","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"6366","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"pix_firewall_515","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"6366","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"pix_firewall_515e","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"6366","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"pix_firewall_520","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"6366","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"pix_firewall_525","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"6366","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"pix_firewall_535","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"6366","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"cisco","cpe5":"pix_firewall_software","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":{"cve_year":"2016","cve_id":"6366","cve":"CVE-2016-6366","vendorProject":"Cisco","product":"Adaptive Security Appliance (ASA)","vulnerabilityName":"Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability","dateAdded":"2022-05-24","shortDescription":"A buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco ASA software could allow an attacker to cause a reload of the affected system or to remotely execute code.","requiredAction":"Apply updates per vendor instructions.","dueDate":"2022-06-14","knownRansomwareCampaignUse":"Unknown","notes":"https://nvd.nist.gov/vuln/detail/CVE-2016-6366","cwes":"CWE-119","catalogVersion":"2026.04.22","updated_at":"2026-04-22 20:03:10"},"epss":{"cve_year":"2016","cve_id":"6366","cve":"CVE-2016-6366","epss":"0.913890000","percentile":"0.996660000","score_date":"2026-04-22","updated_at":"2026-04-23 00:03:16"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T01:29:19.884Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"92521","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/92521"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40258.zip"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://blogs.cisco.com/security/shadow-brokers"},{"name":"20160817 Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability","tags":["vendor-advisory","x_refsource_CISCO","x_transferred"],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://zerosum0x0.blogspot.com/2016/09/reverse-engineering-cisco-asa-for.html"},{"name":"40258","tags":["exploit","x_refsource_EXPLOIT-DB","x_transferred"],"url":"https://www.exploit-db.com/exploits/40258/"},{"name":"1036637","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id/1036637"}],"title":"CVE Program Container"},{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},{"other":{"content":{"id":"CVE-2016-6366","options":[{"Exploitation":"active"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2024-11-08T17:39:13.881330Z","version":"2.0.3"},"type":"ssvc"}},{"other":{"content":{"dateAdded":"2022-05-24","reference":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-6366"},"type":"kev"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-120","description":"CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-01-12T20:50:50.619Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"references":[{"tags":["government-resource"],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-6366"}],"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2016-08-17T00:00:00.000Z","descriptions":[{"lang":"en","value":"Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2016-11-25T20:57:01.000Z","orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco"},"references":[{"name":"92521","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/92521"},{"tags":["x_refsource_MISC"],"url":"https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40258.zip"},{"tags":["x_refsource_CONFIRM"],"url":"http://blogs.cisco.com/security/shadow-brokers"},{"name":"20160817 Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability","tags":["vendor-advisory","x_refsource_CISCO"],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp"},{"tags":["x_refsource_CONFIRM"],"url":"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516"},{"tags":["x_refsource_MISC"],"url":"https://zerosum0x0.blogspot.com/2016/09/reverse-engineering-cisco-asa-for.html"},{"name":"40258","tags":["exploit","x_refsource_EXPLOIT-DB"],"url":"https://www.exploit-db.com/exploits/40258/"},{"name":"1036637","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id/1036637"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@cisco.com","ID":"CVE-2016-6366","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"92521","refsource":"BID","url":"http://www.securityfocus.com/bid/92521"},{"name":"https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40258.zip","refsource":"MISC","url":"https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40258.zip"},{"name":"http://blogs.cisco.com/security/shadow-brokers","refsource":"CONFIRM","url":"http://blogs.cisco.com/security/shadow-brokers"},{"name":"20160817 Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability","refsource":"CISCO","url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp"},{"name":"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516","refsource":"CONFIRM","url":"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516"},{"name":"https://zerosum0x0.blogspot.com/2016/09/reverse-engineering-cisco-asa-for.html","refsource":"MISC","url":"https://zerosum0x0.blogspot.com/2016/09/reverse-engineering-cisco-asa-for.html"},{"name":"40258","refsource":"EXPLOIT-DB","url":"https://www.exploit-db.com/exploits/40258/"},{"name":"1036637","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1036637"}]}}}},"cveMetadata":{"assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","assignerShortName":"cisco","cveId":"CVE-2016-6366","datePublished":"2016-08-18T18:00:00.000Z","dateReserved":"2016-07-26T00:00:00.000Z","dateUpdated":"2026-01-12T20:50:50.619Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2016-08-18 18:59:00","lastModifiedDate":"2026-04-22 15:42:51","problem_types":["CWE-120","n/a","CWE-120 CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:C/I:C/A:C","baseScore":8.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":6.8,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:pix_firewall_software:-:*:*:*:*:*:*:*","matchCriteriaId":"9178BC88-B81B-4F0C-879D-31D9C204F7E8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:pix_firewall_501:-:*:*:*:*:*:*:*","matchCriteriaId":"93103865-C140-4C93-9A7F-6EEF25958736"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:pix_firewall_506:-:*:*:*:*:*:*:*","matchCriteriaId":"32283245-33A1-41E2-B8CD-CFC2459F840B"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:pix_firewall_506e:-:*:*:*:*:*:*:*","matchCriteriaId":"107A6891-05FF-4812-B113-96247EDE136F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:pix_firewall_515:-:*:*:*:*:*:*:*","matchCriteriaId":"A35FF15C-5E02-4AD1-A4E6-E40E93A9F8F5"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:pix_firewall_515e:-:*:*:*:*:*:*:*","matchCriteriaId":"008185AD-BF4E-49ED-B3A8-FDA7F82D94E3"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:pix_firewall_520:-:*:*:*:*:*:*:*","matchCriteriaId":"D1D1DB6E-2C3C-4844-A76E-D679735BC150"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:pix_firewall_525:-:*:*:*:*:*:*:*","matchCriteriaId":"B7181264-0852-4637-A9C0-86CD3BB978AC"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:pix_firewall_535:-:*:*:*:*:*:*:*","matchCriteriaId":"488BE38C-6F9C-4652-92A5-F3626DBEE093"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.1","versionEndExcluding":"9.0.4.40","matchCriteriaId":"F95FC8FC-52B2-4A7D-A0CB-2DDB2BE48F8B"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*","versionStartIncluding":"9.1.1","versionEndExcluding":"9.1.7\\(9\\)","matchCriteriaId":"1D7DE2BB-3ABB-49FB-8798-37A356839C6B"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*","versionStartIncluding":"9.2.0","versionEndExcluding":"9.2.4\\(14\\)","matchCriteriaId":"DB701E10-57D0-4C9A-8FB7-5A27A4C9D9F0"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*","versionStartIncluding":"9.3.0","versionEndExcluding":"9.3.3\\(10\\)","matchCriteriaId":"186B85FF-97E6-45C2-ABD0-DBB9C6981EEA"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*","versionStartIncluding":"9.4.0.115","versionEndExcluding":"9.4.3\\(8\\)","matchCriteriaId":"59EB3383-005B-443E-A65A-798497D3E750"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*","versionStartIncluding":"9.5.0","versionEndIncluding":"9.5\\(3\\)","matchCriteriaId":"1C69FA5A-EC00-4BAF-8EA4-AEE473DD299B"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*","versionStartIncluding":"9.6.0","versionEndExcluding":"9.6.1\\(11\\)","matchCriteriaId":"88B1C470-34BE-4D69-9DF1-0C30866B9498"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:7604:-:*:*:*:*:*:*:*","matchCriteriaId":"65973B50-2AA1-4B83-925A-8DB2D4720ADB"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:7606-s:-:*:*:*:*:*:*:*","matchCriteriaId":"25DD80A8-F664-4C30-A89F-C2299CCACB7E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:7609-s:-:*:*:*:*:*:*:*","matchCriteriaId":"385DBA44-E84B-4752-8E8E-170EF13784D7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:7613-s:-:*:*:*:*:*:*:*","matchCriteriaId":"A1E30F72-0218-496D-BFAD-CED0AAC5E58E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5500:-:*:*:*:*:*:*:*","matchCriteriaId":"7018906A-ACDF-4D7B-B816-ED9C235BF04E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5500-x:-:*:*:*:*:*:*:*","matchCriteriaId":"E10D97EB-51C4-4904-ABBA-5FCDC9B6D062"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5500_csc-ssm:-:*:*:*:*:*:*:*","matchCriteriaId":"DD44DFA7-9D3E-4158-9551-A698344F9022"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*","matchCriteriaId":"8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5506-x:-:*:*:*:*:*:*:*","matchCriteriaId":"763B801D-CA1E-4C56-8B06-3373EA307C7E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5506h-x:-:*:*:*:*:*:*:*","matchCriteriaId":"30AC6907-3091-409F-967D-64A82A0C5A8C"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5506w-x:-:*:*:*:*:*:*:*","matchCriteriaId":"D11AF728-8EB0-45EB-A7DD-F2D52B3BB7B8"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5508-x:-:*:*:*:*:*:*:*","matchCriteriaId":"92AE506A-E710-465B-B795-470FDE0E0ECA"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*","matchCriteriaId":"B091B9BA-D4CA-435B-8D66-602B45F0E0BD"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*","matchCriteriaId":"08F0F160-DAD2-48D4-B7B2-4818B2526F35"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*","matchCriteriaId":"977D597B-F6DE-4438-AB02-06BE64D71EBE"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5516-x:-:*:*:*:*:*:*:*","matchCriteriaId":"1E07AF10-FFB2-4AC7-BBE7-199C3EFED81F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*","matchCriteriaId":"2B387F62-6341-434D-903F-9B72E7F84ECB"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*","matchCriteriaId":"EB71EB29-0115-4307-A9F7-262394FD9FB0"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*","matchCriteriaId":"17C5A524-E1D9-480F-B655-0680AA5BF720"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*","matchCriteriaId":"57179F60-E330-4FF0-9664-B1E4637FF210"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*","matchCriteriaId":"E6287D95-F564-44B7-A0F9-91396D7C2C4E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*","matchCriteriaId":"5535C936-391B-4619-AA03-B35265FC15D7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*","matchCriteriaId":"D1E828B8-5ECC-4A09-B2AD-DEDC558713DE"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*","matchCriteriaId":"16AE20C2-C77E-4E04-BF13-A48696E52426"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_6500:-:*:*:*:*:*:*:*","matchCriteriaId":"DEFBFA86-64F2-4CB0-99E1-FAEFCA690FF8"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_6500-e:-:*:*:*:*:*:*:*","matchCriteriaId":"15B48565-92C7-4AE1-AE3A-6FF7DD010745"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_6503-e:-:*:*:*:*:*:*:*","matchCriteriaId":"F202892E-2E58-4D77-B983-38AFA51CDBC6"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_6504-e:-:*:*:*:*:*:*:*","matchCriteriaId":"7F57DF3E-4069-4EF0-917E-84CDDFCEBEEF"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_6506-e:-:*:*:*:*:*:*:*","matchCriteriaId":"0BE25114-ABBC-47A0-9C20-E8D40D721313"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_6509-e:-:*:*:*:*:*:*:*","matchCriteriaId":"FADD5F49-2817-40EC-861C-C922825708BD"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_6509-neb-a:-:*:*:*:*:*:*:*","matchCriteriaId":"E628F9C4-98C6-4A95-AF81-F1E6A56E8648"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_6509-v-e:-:*:*:*:*:*:*:*","matchCriteriaId":"4AFF899C-1EB3-46D8-9003-EA36A68C90B3"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_6513:-:*:*:*:*:*:*:*","matchCriteriaId":"E6463491-F63E-44CB-A1D4-C029BE7D3D3D"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_6513-e:-:*:*:*:*:*:*:*","matchCriteriaId":"D8668D34-096B-4FC3-B9B1-0ECFD6265778"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_1000v_cloud_firewall_software:8.7.1:*:*:*:*:*:*:*","matchCriteriaId":"D04D15E5-EB98-4A87-AAD5-BC7E553E4EA1"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_1000v_cloud_firewall_software:8.7.1.1:*:*:*:*:*:*:*","matchCriteriaId":"84BBCF6D-5529-4D7F-A32D-4C1C03139819"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2016","CveId":"6366","Ordinal":"1","Title":"CVE-2016-6366","CVE":"CVE-2016-6366","Year":"2016"},"notes":[{"CveYear":"2016","CveId":"6366","Ordinal":"1","NoteData":"Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON.","Type":"Description","Title":"CVE-2016-6366"},{"CveYear":"2016","CveId":"6366","Ordinal":"2","NoteData":"2016-08-18","Type":"Other","Title":"Published"},{"CveYear":"2016","CveId":"6366","Ordinal":"3","NoteData":"2016-11-25","Type":"Other","Title":"Modified"}]}}}