8.1
CVE-2016-1290
- EPSS 0.17%
- Veröffentlicht 06.04.2016 23:59:10
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@cisco.com
- Teams Watchlist Login
- Unerledigt Login
The web API in Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allows remote authenticated users to bypass intended RBAC restrictions and gain privileges via an HTTP request that is inconsistent with a pattern filter, aka Bug ID CSCuy10227.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Evolved Programmable Network Manager Version1.2.0
Cisco ≫ Prime Infrastructure Version1.2
Cisco ≫ Prime Infrastructure Version1.2.0.103
Cisco ≫ Prime Infrastructure Version1.2.1
Cisco ≫ Prime Infrastructure Version1.3
Cisco ≫ Prime Infrastructure Version1.3.0.20
Cisco ≫ Prime Infrastructure Version1.4
Cisco ≫ Prime Infrastructure Version1.4.0.45
Cisco ≫ Prime Infrastructure Version1.4.1
Cisco ≫ Prime Infrastructure Version1.4.2
Cisco ≫ Prime Infrastructure Version2.0
Cisco ≫ Prime Infrastructure Version2.1.0
Cisco ≫ Prime Infrastructure Version2.2
Sun ≫ Opensolaris Versionsnv_124 Editionsparc
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.381 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.1 | 2.8 | 5.2 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
|
| nvd@nist.gov | 5.5 | 8 | 4.9 |
AV:N/AC:L/Au:S/C:P/I:P/A:N
|