CVE-2016-1427
Published on: 06/17/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:04 PM UTC
Certain versions of Prime Network Registrar from Cisco contain the following vulnerability:
The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via crafted SCP messages, aka Bug ID CSCuv35694.
- CVE-2016-1427 has been assigned by
[email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.5 - HIGH
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
---|---|---|---|---|
NETWORK | LOW | NONE | NONE | |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
UNCHANGED | HIGH | NONE | NONE |
CVSS2 Score: 5 - MEDIUM
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
PARTIAL | NONE | NONE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
Cisco Prime Network Registrar System Configuration Protocol Information Disclosure Vulnerability | Vendor Advisory tools.cisco.com text/html |
![]() |
Cisco Prime Network Registrar SCP Messaging Flaw Lets Remote Users Obtain Potentially Sensitive Information on the Target System - SecurityTracker | www.securitytracker.com text/html |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Cisco | Prime Network Registrar | 8.2.0 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.2.0.1 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.2.0.2 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.2.1 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.2.1.1 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.2.2 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.2.2.1 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.2.3 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.3.0 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.3.1 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.2.0 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.2.0.1 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.2.0.2 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.2.1 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.2.1.1 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.2.2 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.2.2.1 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.2.3 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.3.0 | All | All | All |
Application | Cisco | Prime Network Registrar | 8.3.1 | All | All | All |
- cpe:2.3:a:cisco:prime_network_registrar:8.2.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.2.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.2.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.2.1:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.2.1.1:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.2.2:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.2.2.1:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.2.3:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.3.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.3.1:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.2.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.2.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.2.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.2.1:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.2.1.1:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.2.2:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.2.2.1:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.2.3:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.3.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:prime_network_registrar:8.3.1:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE