CyberSec.Space Logo
Back to CVE Browser

CVE-2016-6408

HIGH
7.5
CVSS Severity Score
EPSS Score0.1620%
EPSS Percentile24.35th
PublishedSep 24, 2016
Last ModifiedMay 6, 2026

Vulnerability Description

Cisco Prime Home 5.2.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCvb17814.

Affected Platforms (CPE)

πŸ“¦
Cisco

Prime Home

= 5.2.0

References & Advisories

πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-cph
πŸ”— http://www.securityfocus.com/bid/93092
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-cph
πŸ”— http://www.securityfocus.com/bid/93092

Related Vulnerabilities

CVE-2017-379110.0

A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication ...

CVE-2016-64529.8

A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacke...

CVE-2016-045110.0

Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affec...

CVE-2016-045210.0

Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affec...