CVE-2016-1452

MEDIUM

Cisco ASR 5000 <20.0.0 - Privilege Escalation

Title source: llm
STIX 2.1

Description

Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make configuration changes over SNMP by leveraging knowledge of the read-write community, aka Bug ID CSCuz29526.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1036298
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/91756

Scores

CVSS v3 6.5
EPSS 0.0109
EPSS Percentile 61.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Details

CWE
CWE-200 CWE-254
Status published
Products (12)
cisco/asr_5000
cisco/asr_5000_software 18.3.0
cisco/asr_5000_software 18.3_base
cisco/asr_5000_software 19.0.1
cisco/asr_5000_software 19.0.m0.60737
cisco/asr_5000_software 19.0.m0.60828
cisco/asr_5000_software 19.0.m0.61045
cisco/asr_5000_software 19.1.0
cisco/asr_5000_software 19.1.0.61559
cisco/asr_5000_software 19.2.0
... and 2 more
Published Jul 15, 2016
Tracked Since Feb 18, 2026