CVE-2016-1427
HIGHCisco Prime Network Registrar <8.2.3.1-8.3.2 - Info Disclosure
Title source: llmDescription
The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via crafted SCP messages, aka Bug ID CSCuv35694.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1036128
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-pnr
Scores
CVSS v3
7.5
EPSS
0.0180
EPSS Percentile
75.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
CWE-287
Status
published
Products (10)
cisco/prime_network_registrar
8.2.0
cisco/prime_network_registrar
8.2.0.1
cisco/prime_network_registrar
8.2.0.2
cisco/prime_network_registrar
8.2.1
cisco/prime_network_registrar
8.2.1.1
cisco/prime_network_registrar
8.2.2
cisco/prime_network_registrar
8.2.2.1
cisco/prime_network_registrar
8.2.3
cisco/prime_network_registrar
8.3.0
cisco/prime_network_registrar
8.3.1
Published
Jun 18, 2016
Tracked Since
Feb 18, 2026