CVE-2016-6377

HIGH

Cisco VMP - Auth Bypass

Title source: llm

Description

Media Origination System Suite Software 2.6 and earlier in Cisco Virtual Media Packager (VMP) allows remote attackers to bypass authentication and make arbitrary Platform and Applications Manager (PAM) API calls via unspecified vectors, aka Bug ID CSCuz52110.

References (2)

[Vendor Advisory] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-vmp

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/92715

Scores

CVSS v3 8.1

EPSS 0.0034

EPSS Percentile 55.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-287

Status draft

Affected Products (12)

cisco/media_origination_system_suite

Timeline

Published Sep 03, 2016

Tracked Since Feb 18, 2026