8.1

CVE-2016-6377

EPSS 0.34%
Veröffentlicht 03.09.2016 20:59:08
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

Media Origination System Suite Software 2.6 and earlier in Cisco Virtual Media Packager (VMP) allows remote attackers to bypass authentication and make arbitrary Platform and Applications Manager (PAM) API calls via unspecified vectors, aka Bug ID CSCuz52110.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Media Origination System Suite Version2.3_base

Cisco ≫ Media Origination System Suite Version2.4_base

Cisco ≫ Media Origination System Suite Version2.5_base

Cisco ≫ Media Origination System Suite Version2.6_base

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.34%	0.533

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.1	2.2	5.9	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-vmp

Vendor Advisory

http://www.securityfocus.com/bid/92715

https://nvd.nist.gov/vuln/detail/CVE-2016-6377

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-6377

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-6377

EUVD