CVE-2016-1427

HIGH

Cisco Prime Network Registrar <8.2.3.1-8.3.2 - Info Disclosure

Title source: llm

Description

The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via crafted SCP messages, aka Bug ID CSCuv35694.

References (2)

[Vendor Advisory] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-pnr

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1036128

Scores

CVSS v3 7.5

EPSS 0.0031

EPSS Percentile 53.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-287 CWE-200

Status draft

Affected Products (10)

cisco/prime_network_registrar

Timeline

Published Jun 18, 2016

Tracked Since Feb 18, 2026