8.8
CVE-2016-9217
- EPSS 0.58%
- Veröffentlicht 26.12.2016 08:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
LoginA vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers could allow an unauthenticated, remote attacker to connect to the database used by these products. More Information: CSCus99394. Known Affected Releases: 7.3(0)ZN(0.99).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Intercloud Fabric Version2.2.1_base
Cisco ≫ Intercloud Fabric Version2.3.1_base
Cisco ≫ Intercloud Fabric Version3.1.1_base
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.58% | 0.662 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|
CWE-285 Improper Authorization
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.