cvelistv5 - cve-2016-1451

CVE-2016-1451 (GCVE-0-2016-1451)

Vulnerability from cvelistv5 – Published: 2016-07-15 16:00 – Updated: 2024-08-05 22:55

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

http://tools.cisco.com/security/center/content/Ci…

vendor-advisoryx_refsource_CISCO

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:55:14.554Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20160714 Cisco Meeting Server Persistent Cross-Site Scripting Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-07-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-07-15T16:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20160714 Cisco Meeting Server Persistent Cross-Site Scripting Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-1451",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20160714 Cisco Meeting Server Persistent Cross-Site Scripting Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2016-1451",
    "datePublished": "2016-07-15T16:00:00",
    "dateReserved": "2016-01-04T00:00:00",
    "dateUpdated": "2024-08-05T22:55:14.554Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:meeting_server:1.7_base:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3CDCC8B2-4BD0-4053-9CC5-3208406EA658\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:meeting_server:1.8_base:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0CD09398-8DBF-4467-9BE3-A9297AE247AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:meeting_server:1.9_base:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B08B05F-1D47-401C-8938-8971DDD3DC52\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de XSS en la interfaz de administraci\\u00f3n basada en web en Cisco Meeting Server (anteriormente Acano Conferencing Server) 1.7 hasta la versi\\u00f3n 1.9 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\\u00e9s de par\\u00e1metros manipulados, tambi\\u00e9n conocido como Bug ID CSCva19922.\"}]",
      "id": "CVE-2016-1451",
      "lastModified": "2024-11-21T02:46:28.073",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2016-07-15T16:59:05.207",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-1451\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2016-07-15T16:59:05.207\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de XSS en la interfaz de administraci\u00f3n basada en web en Cisco Meeting Server (anteriormente Acano Conferencing Server) 1.7 hasta la versi\u00f3n 1.9 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de par\u00e1metros manipulados, tambi\u00e9n conocido como Bug ID CSCva19922.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:meeting_server:1.7_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CDCC8B2-4BD0-4053-9CC5-3208406EA658\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:meeting_server:1.8_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CD09398-8DBF-4467-9BE3-A9297AE247AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:meeting_server:1.9_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B08B05F-1D47-401C-8938-8971DDD3DC52\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GSD-2016-1451

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-1451

Aliases

CVE-2016-1451

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-1451",
    "description": "Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922.",
    "id": "GSD-2016-1451"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-1451"
      ],
      "details": "Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922.",
      "id": "GSD-2016-1451",
      "modified": "2023-12-13T01:21:25.073525Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2016-1451",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20160714 Cisco Meeting Server Persistent Cross-Site Scripting Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:meeting_server:1.8_base:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:meeting_server:1.9_base:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:meeting_server:1.7_base:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-1451"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20160714 Cisco Meeting Server Persistent Cross-Site Scripting Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2016-07-18T15:08Z",
      "publishedDate": "2016-07-15T16:59Z"
    }
  }
}

CERTFR-2016-AVI-235

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco WebEx Meetings Server version 2.6
Cisco	N/A	Cisco ASR 5000 Series versions antérieures à 20.1
Cisco	IOS XR	Cisco IOS XR Software Release 6.0.1.BASE
Cisco	IOS XR	Cisco IOS XR pour Cisco Network Convergence System 6000
Cisco	N/A	isco Meeting Server Software versions 1.7 à 1.9
Cisco	N/A	Cisco ASR 5000 Series versions antérieures à 19.4

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20160714-wms3 du 14 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160714-wms1 du 14 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160714-wms du 14 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160713-asr du 13 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160713-ncs6k du 13 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160714-ms du 14 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160714-wms4 du 14 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160714-ios-xr du 14 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160714-ios-xr du 14 juillet 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160714-wms du 14 juillet 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160714-ms du 14 juillet 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160714-wms3 du 14 juillet 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160714-wms4 du 14 juillet 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160714-wms1 du 14 juillet 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160713-asr du 13 juillet 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160713-ncs6k du 13 juillet 2016	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco WebEx Meetings Server version 2.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ASR 5000 Series versions ant\u00e9rieures \u00e0 20.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR Software Release 6.0.1.BASE",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR pour Cisco Network Convergence System 6000",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "isco Meeting Server Software versions 1.7 \u00e0 1.9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ASR 5000 Series versions ant\u00e9rieures \u00e0 19.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-1451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1451"
    },
    {
      "name": "CVE-2016-1446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1446"
    },
    {
      "name": "CVE-2016-1456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1456"
    },
    {
      "name": "CVE-2016-1452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1452"
    },
    {
      "name": "CVE-2016-1450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1450"
    },
    {
      "name": "CVE-2016-1449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1449"
    },
    {
      "name": "CVE-2016-1447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1447"
    },
    {
      "name": "CVE-2016-1426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1426"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-ios-xr du 14    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ios-xr"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms du 14    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-wms"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-ms du 14    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms3 du 14    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-wms3"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms4 du 14    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-wms4"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms1 du 14    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-wms1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160713-asr du 13    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-ncs6k"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160713-ncs6k du 13    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-ncs6k"
    }
  ],
  "reference": "CERTFR-2016-AVI-235",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-07-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eCisco\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une\nex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms3 du 14 juillet 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms1 du 14 juillet 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms du 14 juillet 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160713-asr du 13 juillet 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160713-ncs6k du 13 juillet 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-ms du 14 juillet 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms4 du 14 juillet 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-ios-xr du 14 juillet 2016",
      "url": null
    }
  ]
}

CERTFR-2016-AVI-235

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco WebEx Meetings Server version 2.6
Cisco	N/A	Cisco ASR 5000 Series versions antérieures à 20.1
Cisco	IOS XR	Cisco IOS XR Software Release 6.0.1.BASE
Cisco	IOS XR	Cisco IOS XR pour Cisco Network Convergence System 6000
Cisco	N/A	isco Meeting Server Software versions 1.7 à 1.9
Cisco	N/A	Cisco ASR 5000 Series versions antérieures à 19.4

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20160714-wms3 du 14 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160714-wms1 du 14 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160714-wms du 14 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160713-asr du 13 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160713-ncs6k du 13 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160714-ms du 14 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160714-wms4 du 14 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160714-ios-xr du 14 juillet 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160714-ios-xr du 14 juillet 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160714-wms du 14 juillet 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160714-ms du 14 juillet 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160714-wms3 du 14 juillet 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160714-wms4 du 14 juillet 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160714-wms1 du 14 juillet 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160713-asr du 13 juillet 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160713-ncs6k du 13 juillet 2016	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco WebEx Meetings Server version 2.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ASR 5000 Series versions ant\u00e9rieures \u00e0 20.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR Software Release 6.0.1.BASE",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR pour Cisco Network Convergence System 6000",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "isco Meeting Server Software versions 1.7 \u00e0 1.9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ASR 5000 Series versions ant\u00e9rieures \u00e0 19.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-1451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1451"
    },
    {
      "name": "CVE-2016-1446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1446"
    },
    {
      "name": "CVE-2016-1456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1456"
    },
    {
      "name": "CVE-2016-1452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1452"
    },
    {
      "name": "CVE-2016-1450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1450"
    },
    {
      "name": "CVE-2016-1449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1449"
    },
    {
      "name": "CVE-2016-1447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1447"
    },
    {
      "name": "CVE-2016-1426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1426"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-ios-xr du 14    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ios-xr"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms du 14    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-wms"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-ms du 14    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms3 du 14    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-wms3"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms4 du 14    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-wms4"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms1 du 14    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-wms1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160713-asr du 13    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-ncs6k"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160713-ncs6k du 13    juillet 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-ncs6k"
    }
  ],
  "reference": "CERTFR-2016-AVI-235",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-07-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eCisco\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une\nex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms3 du 14 juillet 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms1 du 14 juillet 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms du 14 juillet 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160713-asr du 13 juillet 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160713-ncs6k du 13 juillet 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-ms du 14 juillet 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-wms4 du 14 juillet 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160714-ios-xr du 14 juillet 2016",
      "url": null
    }
  ]
}

GHSA-FHPM-5RG9-F5R6

Vulnerability from github – Published: 2022-05-17 03:50 – Updated: 2022-05-17 03:50

Details

Severity ?

6.1 (Medium)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-1451"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-07-15T16:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922.",
  "id": "GHSA-fhpm-5rg9-f5r6",
  "modified": "2022-05-17T03:50:59Z",
  "published": "2022-05-17T03:50:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1451"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

VAR-201607-0432

Vulnerability from variot - Updated: 2023-12-18 13:03

Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. The issue is being tracked by Cisco Bug ID CSCva19922. Cisco Meeting Server 1.7 through 1.9 are vulnerable

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201607-0432",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "meeting server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.7_base"
      },
      {
        "model": "meeting server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.9_base"
      },
      {
        "model": "meeting server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.8_base"
      },
      {
        "model": "meeting server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "1.7 to  1.9"
      },
      {
        "model": "meetings server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.9"
      },
      {
        "model": "meetings server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.8"
      },
      {
        "model": "meetings server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.7"
      },
      {
        "model": "meetings server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.9.2"
      },
      {
        "model": "meetings server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.8.15"
      },
      {
        "model": "meetings server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.7.24"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "91784"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003783"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1451"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-432"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:meeting_server:1.8_base:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:meeting_server:1.9_base:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:meeting_server:1.7_base:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-1451"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "91784"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-1451",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.3,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-1451",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-90270",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.8,
            "impactScore": 2.7,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 6.1,
            "baseSeverity": "Medium",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "CVE-2016-1451",
            "impactScore": null,
            "integrityImpact": "Low",
            "privilegesRequired": "None",
            "scope": "Changed",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-1451",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201607-432",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-90270",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90270"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003783"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1451"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-432"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922. \nSuccessful exploits will allow attacker-supplied HTML and script code to run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. \nThe issue is being tracked by Cisco Bug ID CSCva19922. \nCisco Meeting Server 1.7 through 1.9 are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-1451"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003783"
      },
      {
        "db": "BID",
        "id": "91784"
      },
      {
        "db": "VULHUB",
        "id": "VHN-90270"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-1451",
        "trust": 2.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003783",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-432",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "91784",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-90270",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90270"
      },
      {
        "db": "BID",
        "id": "91784"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003783"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1451"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-432"
      }
    ]
  },
  "id": "VAR-201607-0432",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90270"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:03:17.761000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20160714-ms",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160714-ms"
      },
      {
        "title": "Cisco Meeting Server Fixes for cross-site scripting vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62974"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003783"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-432"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-79",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90270"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003783"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1451"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160714-ms"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1451"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1451"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90270"
      },
      {
        "db": "BID",
        "id": "91784"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003783"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1451"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-432"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-90270"
      },
      {
        "db": "BID",
        "id": "91784"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003783"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1451"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-432"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-07-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90270"
      },
      {
        "date": "2016-07-14T00:00:00",
        "db": "BID",
        "id": "91784"
      },
      {
        "date": "2016-07-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-003783"
      },
      {
        "date": "2016-07-15T16:59:05.207000",
        "db": "NVD",
        "id": "CVE-2016-1451"
      },
      {
        "date": "2016-07-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201607-432"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-07-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90270"
      },
      {
        "date": "2016-08-08T12:00:00",
        "db": "BID",
        "id": "91784"
      },
      {
        "date": "2016-07-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-003783"
      },
      {
        "date": "2016-07-18T15:08:34.710000",
        "db": "NVD",
        "id": "CVE-2016-1451"
      },
      {
        "date": "2016-07-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201607-432"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-432"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Meeting Server of  Web -Based scripting interface cross-site scripting vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003783"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "XSS",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-432"
      }
    ],
    "trust": 0.6
  }
}

CNVD-2016-04940

Vulnerability from cnvd - Published: 2016-07-19

Title

Cisco Meeting Server跨站脚本漏洞

Description

Cisco Meeting Server（前称Acano Conferencing Server）是美国思科（Cisco）公司的一套包含音频、视频的会议服务器软件。 Cisco Meeting Server 1.7至1.9版中基于Web的管理界面中存在跨站脚本漏洞。远程攻击者可借助特制的参数利用该漏洞注入任意Web脚本或HTML。

Severity

中

Patch Name

Cisco Meeting Server跨站脚本漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms

Reference

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1451

Impacted products

Name
Cisco Meeting Server >=1.7，<=1.9

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "91784"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-1451"
    }
  },
  "description": "Cisco Meeting Server\uff08\u524d\u79f0Acano Conferencing Server\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u5305\u542b\u97f3\u9891\u3001\u89c6\u9891\u7684\u4f1a\u8bae\u670d\u52a1\u5668\u8f6f\u4ef6\u3002\r\n\r\nCisco Meeting Server 1.7\u81f31.9\u7248\u4e2d\u57fa\u4e8eWeb\u7684\u7ba1\u7406\u754c\u9762\u4e2d\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u53c2\u6570\u5229\u7528\u8be5\u6f0f\u6d1e\u6ce8\u5165\u4efb\u610fWeb\u811a\u672c\u6216HTML\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-04940",
  "openTime": "2016-07-19",
  "patchDescription": "Cisco Meeting Server\uff08\u524d\u79f0Acano Conferencing Server\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u5305\u542b\u97f3\u9891\u3001\u89c6\u9891\u7684\u4f1a\u8bae\u670d\u52a1\u5668\u8f6f\u4ef6\u3002\r\n\r\nCisco Meeting Server 1.7\u81f31.9\u7248\u4e2d\u57fa\u4e8eWeb\u7684\u7ba1\u7406\u754c\u9762\u4e2d\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u53c2\u6570\u5229\u7528\u8be5\u6f0f\u6d1e\u6ce8\u5165\u4efb\u610fWeb\u811a\u672c\u6216HTML\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Meeting Server\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco Meeting Server \u003e=1.7\uff0c\u003c=1.9"
  },
  "referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1451",
  "serverity": "\u4e2d",
  "submitTime": "2016-07-18",
  "title": "Cisco Meeting Server\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e"
}

FKIE_CVE-2016-1451

Vulnerability from fkie_nvd - Published: 2016-07-15 16:59 - Updated: 2025-04-12 10:46

Severity ?

6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

References

	URL	Tags
	psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	meeting_server	1.7_base
cisco	meeting_server	1.8_base
cisco	meeting_server	1.9_base

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:meeting_server:1.7_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CDCC8B2-4BD0-4053-9CC5-3208406EA658",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:meeting_server:1.8_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CD09398-8DBF-4467-9BE3-A9297AE247AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:meeting_server:1.9_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B08B05F-1D47-401C-8938-8971DDD3DC52",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de XSS en la interfaz de administraci\u00f3n basada en web en Cisco Meeting Server (anteriormente Acano Conferencing Server) 1.7 hasta la versi\u00f3n 1.9 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de par\u00e1metros manipulados, tambi\u00e9n conocido como Bug ID CSCva19922."
    }
  ],
  "id": "CVE-2016-1451",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-07-15T16:59:05.207",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-ms"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-1451 (GCVE-0-2016-1451)

GSD-2016-1451

CERTFR-2016-AVI-235

Solution

CERTFR-2016-AVI-235

Solution

GHSA-FHPM-5RG9-F5R6

VAR-201607-0432

CNVD-2016-04940

FKIE_CVE-2016-1451

Tags

Sightings

Nomenclature