exploitDog

CVE-2016-1322

Опубликовано: 12 фев. 2016

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp1
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp1
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:spark:2015-07-04_base:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00383

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-r9hg-952w-h9jc

CVSS3: 7.5

github

больше 3 лет назад

The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584.

EPSS

Процентиль: 59%

0.00383

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-264