CVE-2016-6410

MEDIUM

Cisco IOS - Authenticated Arbitrary File Read via CAF Component

Title source: llm
STIX 2.1

Description

The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuy19856.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/93090
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1036873

Scores

CVSS v3 6.5
EPSS 0.0140
EPSS Percentile 69.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-20
Status published
Products (1)
cisco/ios 15.5\(2\)t
Published Sep 24, 2016
Tracked Since Feb 18, 2026