CVE-2016-1360

Loading...

General

Score:3.0/10.0
Severity:Low
Category:Information Leak / Disclosure

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:None

Exploitability Metrics

Access Vector:Local
Access Complexity:Medium
Authentication:Single

Published on 12/03/16 - Updated on 03/12/16

Description

Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390.

Category: Information Leak / Disclosure

CWE-200 (Information Exposure)
An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

Security Notices

US National Vulnerability DatabaseCVE-2016-1360
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2016-AVI-093

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
ciscoprime_lan_management_solution

Share this vulnerability with:

Twitter Facebook LinkedIn Mail