CVE-2016-1358

Sažetak

Cisco Prime Infrastructure 2.2, 3.0, and 3.1(0.0) allows remote authenticated users to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCuw81497.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-cpi
http://www.securitytracker.com/id/1035181

CVSS

Base:	5.5
Impact:	4.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:N/A:P

Zadnje važnije ažuriranje

29-07-2019 - 17:46

Objavljeno

03-03-2016 - 22:59