CyberSec.Space Logo
Back to CVE Browser

CVE-2016-6374

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1230%
EPSS Percentile0.12th
PublishedSep 22, 2016
Last ModifiedMay 6, 2026

Vulnerability Description

Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote attackers to execute arbitrary code via a crafted dnslookup command in an HTTP request, aka Bug ID CSCuz89093.

Affected Platforms (CPE)

πŸ“¦
Cisco

Cloud Services Platform 2100

= 2.0.0

References & Advisories

πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-csp2100-2
πŸ”— http://www.securityfocus.com/bid/93095
πŸ”— http://www.securitytracker.com/id/1036864
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-csp2100-2
πŸ”— http://www.securityfocus.com/bid/93095
πŸ”— http://www.securitytracker.com/id/1036864

Related Vulnerabilities

CVE-2017-122519.9

A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker t...

CVE-2018-03948.8

A vulnerability in the web upload function of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to ...

CVE-2018-04548.8

A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could allow an authenticated, remote a...

CVE-2016-63737.2

The web-based GUI in Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote authenticated administrators to execute arbitrary ...