CVE-2016-6377
HIGHCisco Media Origination System Suite <= 2.6 - Authentication Bypass via PAM API
Title source: llmDescription
Media Origination System Suite Software 2.6 and earlier in Cisco Virtual Media Packager (VMP) allows remote attackers to bypass authentication and make arbitrary Platform and Applications Manager (PAM) API calls via unspecified vectors, aka Bug ID CSCuz52110.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-vmp
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/92715
Scores
CVSS v3
8.1
EPSS
0.0127
EPSS Percentile
66.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (12)
cisco/media_origination_system_suite
2.3\(1\)
cisco/media_origination_system_suite
2.3\(2\)
cisco/media_origination_system_suite
2.3\(6\)
cisco/media_origination_system_suite
2.3\(7\)
cisco/media_origination_system_suite
2.3\(8\)
cisco/media_origination_system_suite
2.3_base
cisco/media_origination_system_suite
2.4\(1\)
cisco/media_origination_system_suite
2.4_base
cisco/media_origination_system_suite
2.5\(0\)
cisco/media_origination_system_suite
2.5\(1\)
... and 2 more
Published
Sep 03, 2016
Tracked Since
Feb 18, 2026