CVE-2016-1427
Summary
| CVE | CVE-2016-1427 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2016-06-18 01:59:00 UTC |
| Updated | 2016-11-30 03:04:00 UTC |
| Description | The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via crafted SCP messages, aka Bug ID CSCuv35694. |
Risk And Classification
Problem Types: CWE-287 | CWE-200
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Prime Network Registrar | 8.2.0 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.2.0.1 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.2.0.2 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.2.1 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.2.1.1 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.2.2 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.2.2.1 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.2.3 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.3.0 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.3.1 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.2.0 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.2.0.1 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.2.0.2 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.2.1 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.2.1.1 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.2.2 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.2.2.1 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.2.3 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.3.0 | All | All | All |
| Application | Cisco | Prime Network Registrar | 8.3.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco Prime Network Registrar System Configuration Protocol Information Disclosure Vulnerability | CISCO | tools.cisco.com | Vendor Advisory |
| Cisco Prime Network Registrar SCP Messaging Flaw Lets Remote Users Obtain Potentially Sensitive Information on the Target System - SecurityTracker | SECTRACK | www.securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.