CyberSec.Space Logo
Back to CVE Browser

CVE-2016-1343

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1030%
EPSS Percentile44.25th
PublishedApr 30, 2016
Last ModifiedMay 6, 2026

Vulnerability Description

The XML parser in Cisco Information Server (CIS) 6.2 allows remote attackers to read arbitrary files or cause a denial of service (CPU and memory consumption) via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCuy39059.

Affected Platforms (CPE)

📦
Cisco

Information Server

= 6.2_base

References & Advisories

🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-cis
🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-cis

Related Vulnerabilities

CVE-2020-696610.0

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ver...

CVE-2025-524310.0

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used in an OS Command ('OS Command In...

CVE-2017-1290510.0

Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information ...

CVE-2020-696110.0

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ve...