CVE-2016-1360

Sažetak

Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160310-prime-lms
http://www.securitytracker.com/id/1035313

CVSS

Base:	3.0
Impact:	4.9
Exploitability:	2.7

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:L/AC:M/Au:S/C:P/I:P/A:N

Zadnje važnije ažuriranje

03-12-2016 - 03:20

Objavljeno

12-03-2016 - 02:59