CVE-2016-5410
firewalld: Firewall configuration can be modified by any logged in user
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.
firewalld.py en firewalld en versiones anteriores a 0.4.3.3 permite a usuarios locales eludir la autenticación y modificar las configuraciones del firewall a través de (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry o (5) setEntries D-Bus API method.
A flaw was found in the way firewalld allowed certain firewall configurations to be modified by unauthenticated users. Any locally logged in user could use this flaw to tamper or change firewall settings.
firewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface. The following packages have been upgraded to a newer upstream version: firewalld. Security Fix: A flaw was found in the way firewalld allowed certain firewall configurations to be modified by unauthenticated users. Any locally logged in user could use this flaw to tamper or change firewall settings.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-06-10 CVE Reserved
- 2016-11-04 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
- CWE-306: Missing Authentication for Critical Function
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2016/08/16/3 | Mailing List |
|
| http://www.securityfocus.com/bid/92481 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.firewalld.org/2016/08/firewalld-0-4-3-3-release | 2023-11-07 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1360135 | 2016-11-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Firewalld Search vendor "Firewalld" | Firewalld Search vendor "Firewalld" for product "Firewalld" | <= 0.4.3.2 Search vendor "Firewalld" for product "Firewalld" and version " <= 0.4.3.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Hpc Node Search vendor "Redhat" for product "Enterprise Linux Hpc Node" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Hpc Node" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "7.0" | - |
Affected
| ||||||