Lucene search
K

108 matches found

CVE
CVE
added 2016/09/24 1:0 a.m.45 views

CVE-2016-6412

The CVE-2016-6412 entry describes a vulnerability in Cisco IOS/IOS XE’s Application-hosting Framework (CAF) when the IOx feature set is enabled. The issue arises from insufficient input validation in CAF, allowing a remote attacker to induce a CAF user to download an attacker-controlled file by s...

6.5CVSS6.4AI score0.01105EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2016/09/24 1:0 a.m.41 views

CVE-2016-6410

CVE-2016-6410 relates to Cisco IOS/IOS XE CAF with the IOx feature enabled, where an authenticated remote attacker could read arbitrary files via unspecified vectors. The root cause is cited as insufficient input validation in CAF. Cisco has released software updates addressing this vulnerability...

6.8CVSS6.1AI score0.014EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/09/24 12:0 a.m.4 views

Cisco IOS and IOS XE Software Application-Hosting Framework Unauthorized File Access Vulnerability

Cisco IOS and IOS XE Software are operating systems developed by Cisco in the United States for its network devices. An unauthorized file access vulnerability exists in the Application-Hosting Framework component of Cisco IOS and IOS XE Software. When the Iox feature setting is enabled, a remote...

6.8CVSS6.8AI score0.014EPSS
Exploits0References1
CNVD
CNVD
added 2016/09/24 12:0 a.m.3 views

Cisco IOS and IOS XE Software Application-Hosting Framework HTTP Header Injection Vulnerability

Cisco IOS and IOS XE Software are operating systems developed by Cisco in the United States for its network devices. An HTTP header injection vulnerability exists in the Application-Hosting Framework component in Cisco IOS version 15.61T1 and IOS XE Software. When the Iox feature setting is...

6.5CVSS7.2AI score0.01105EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/09/22 12:0 a.m.20 views

Cisco IOS Software Cisco Application-Hosting Framework HTTP Header Injection Vulnerability (cisco-sa-20160921-caf1)

A vulnerability in the Cisco Application-hosting Framework CAF component for Cisco IOS Software with the IOx feature set could allow an unauthenticated, remote attacker to cause a CAF user to download a file controlled by the attacker. SPDX-FileCopyrightText: 2016 Greenbone AG Some text...

6.5CVSS6.5AI score0.01105EPSS
Exploits0References1
Cisco
Cisco
added 2016/09/21 4:0 p.m.22 views

Cisco Application-Hosting Framework HTTP Header Injection Vulnerability

A vulnerability in the Cisco Application-hosting Framework CAF component for Cisco IOS and IOS XE Software with the IOx feature set could allow an unauthenticated, remote attacker to cause a CAF user to download a file controlled by the attacker. The vulnerability is due to insufficient input...

4.3CVSS6.5AI score0.01105EPSS
Exploits0References1
Cisco
Cisco
added 2016/09/21 4:0 p.m.24 views

Cisco IOS and IOS XE Software Application-Hosting Framework Unauthorized File Access Vulnerability

A vulnerability in the Cisco application-hosting framework CAF for Cisco IOS and IOS XE Software with the IOx feature set could allow an authenticated, remote attacker to read arbitrary files on a targeted system. The vulnerability is due to insufficient input validation by the affected framework...

6.8CVSS6.4AI score0.014EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2011/03/01 12:0 a.m.40 views

CGI Generic XSS (persistent, 3rd Pass)

The remote web server hosts one or more CGI scripts that fail to adequately sanitize request strings containing malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the...

5.7AI score
Exploits0References2
Rows per page
Query Builder