CVEブラウザに戻る

CVE-2016-6408

HIGH

7.5

CVSS Severity Score

EPSS Score0.1620%

EPSS Percentile24.35th

Published2016年9月24日

Last Modified2026年5月6日

Vulnerability Description

Cisco Prime Home 5.2.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCvb17814.

Affected Platforms (CPE)

📦

Cisco

Prime Home

= 5.2.0

References & Advisories

🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-cph

🔗 http://www.securityfocus.com/bid/93092

🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-cph

🔗 http://www.securityfocus.com/bid/93092

関連する脆弱性情報

CVE-2017-379110.0

A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication ...

CVE-2016-64529.8

A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacke...

CVE-2016-198510.0

HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java ...

CVE-2016-193110.0

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial...