CyberSec.Space Logo
CVEブラウザに戻る

CVE-2016-6452

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0860%
EPSS Percentile28.87th
Published2016年11月3日
Last Modified2026年5月6日

Vulnerability Description

A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. Cisco Prime Home versions 5.1.1.6 and earlier and 5.2.2.2 and earlier have been confirmed to be vulnerable. Cisco Prime Home versions 6.0 and later are not vulnerable. More Information: CSCvb71732. Known Affected Releases: 5.0 5.0(1) 5.0(1.1) 5.0(1.2) 5.0(2) 5.15.1(0) 5.1(1) 5.1(1.3) 5.1(1.4) 5.1(1.5) 5.1(1.6) 5.1(2) 5.1(2.1) 5.1(2.3) 5.25.2(0.1) 5.2(1.0) 5.2(1.2) 5.2(2.0) 5.2(2.1) 5.2(2.2).

Affected Platforms (CPE)

📦
Cisco

Prime Home

= 5.0_base
📦
Cisco

Prime Home

= 5.1_base
📦
Cisco

Prime Home

= 5.2.0

References & Advisories

🔗 http://www.securityfocus.com/bid/94070
🔗 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-cph
🔗 http://www.securityfocus.com/bid/94070
🔗 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-cph

関連する脆弱性情報

CVE-2017-379110.0

A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication ...

CVE-2016-64087.5

Cisco Prime Home 5.2.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declarati...

CVE-2016-198510.0

HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java ...

CVE-2016-193110.0

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial...