CVE-2016-1301

Sažetak

The RBAC implementation in Cisco ASA-CX Content-Aware Security software before 9.3.1.1(112) and Cisco Prime Security Manager (PRSM) software before 9.3.1.1(112) allows remote authenticated users to change arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuo94842.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-prsm
http://www.securitytracker.com/id/1034926
http://www.securitytracker.com/id/1034927

CVSS

Base:	8.5
Impact:	10.0
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

06-12-2016 - 03:06

Objavljeno

07-02-2016 - 11:59