Lucene search

[email protected]CVE-2016-1316

HistoryFeb 09, 2016 - 3:59 a.m.

CVE-2016-1316

2016-02-0903:59:00

CWE-200

[email protected]

web.nvd.nist.gov

cisco

vcs

x8.1

x8.7

remote attackers

sensitive information

cve-2016-1316

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

51.2%

JSON

Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, as used in conjunction with Jabber Guest, allows remote attackers to obtain sensitive call-statistics information via a direct request to an unspecified URL, aka Bug ID CSCux73362.

Affected configurations

NVD

Node

ciscotelepresence_video_communication_server_softwareMatchx8.1.1

ciscotelepresence_video_communication_server_softwareMatchx8.1.2

ciscotelepresence_video_communication_server_softwareMatchx8.1_base

ciscotelepresence_video_communication_server_softwareMatchx8.2.1

ciscotelepresence_video_communication_server_softwareMatchx8.2.2

ciscotelepresence_video_communication_server_softwareMatchx8.2_base

ciscotelepresence_video_communication_server_softwareMatchx8.5.0

ciscotelepresence_video_communication_server_softwareMatchx8.5.1

ciscotelepresence_video_communication_server_softwareMatchx8.5.2

ciscotelepresence_video_communication_server_softwareMatchx8.5.3

ciscotelepresence_video_communication_server_softwareMatchx8.6.0

ciscotelepresence_video_communication_server_softwareMatchx8.6.1

ciscotelepresence_video_communication_server_softwareMatchx8.7_base

CPENameOperatorVersion
cisco:telepresence_video_communication_server_softwarecisco telepresence video communication server softwareeqx8.1.1
cisco:telepresence_video_communication_server_softwarecisco telepresence video communication server softwareeqx8.1.2
cisco:telepresence_video_communication_server_softwarecisco telepresence video communication server softwareeqx8.1_base
cisco:telepresence_video_communication_server_softwarecisco telepresence video communication server softwareeqx8.2.1
cisco:telepresence_video_communication_server_softwarecisco telepresence video communication server softwareeqx8.2.2
cisco:telepresence_video_communication_server_softwarecisco telepresence video communication server softwareeqx8.2_base
cisco:telepresence_video_communication_server_softwarecisco telepresence video communication server softwareeqx8.5.0
cisco:telepresence_video_communication_server_softwarecisco telepresence video communication server softwareeqx8.5.1
cisco:telepresence_video_communication_server_softwarecisco telepresence video communication server softwareeqx8.5.2
cisco:telepresence_video_communication_server_softwarecisco telepresence video communication server softwareeqx8.5.3

CPE	Name	Operator	Version
cisco:telepresence_video_communication_server_software	cisco telepresence video communication server software	eq	x8.1.1
cisco:telepresence_video_communication_server_software	cisco telepresence video communication server software	eq	x8.1.2
cisco:telepresence_video_communication_server_software	cisco telepresence video communication server software	eq	x8.1_base
cisco:telepresence_video_communication_server_software	cisco telepresence video communication server software	eq	x8.2.1
cisco:telepresence_video_communication_server_software	cisco telepresence video communication server software	eq	x8.2.2
cisco:telepresence_video_communication_server_software	cisco telepresence video communication server software	eq	x8.2_base
cisco:telepresence_video_communication_server_software	cisco telepresence video communication server software	eq	x8.5.0
cisco:telepresence_video_communication_server_software	cisco telepresence video communication server software	eq	x8.5.1
cisco:telepresence_video_communication_server_software	cisco telepresence video communication server software	eq	x8.5.2
cisco:telepresence_video_communication_server_software	cisco telepresence video communication server software	eq	x8.5.3

Rows per page:

1-10 of 131

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-vcs

www.securitytracker.com/id/1034956

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

51.2%

JSON

Related for CVE-2016-1316

prion1 nvd1 cvelist1 openvas1 cisco1