CVE-2016-1366
MEDIUMCisco IOS XR <5.2.5 - DoS
Title source: llmDescription
The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service (overwrite) via unspecified vectors, aka Bug ID CSCuw75848.
Scores
CVSS v3
6.5
EPSS
0.0016
EPSS Percentile
36.2%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Classification
CWE
CWE-264
Status
draft
Affected Products (6)
cisco/ios_xr
cisco/ios_xr
cisco/ios_xr
cisco/ios_xr
cisco/ios_xr
cisco/ios_xr
Timeline
Published
Mar 24, 2016
Tracked Since
Feb 18, 2026