FKIE_CVE-2016-6397
Vulnerability from fkie_nvd - Published: 2016-10-28 10:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote attacker to modify configuration parameters of the UMS and cause the system to become unavailable. Affected Products: This vulnerability affects Cisco IPICS releases 4.8(1) to 4.10(1). More Information: CSCva46644. Known Affected Releases: 4.10(1) 4.8(1) 4.8(2) 4.9(1) 4.9(2).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ip_interoperability_and_collaboration_system | 4.8\(1\) | |
| cisco | ip_interoperability_and_collaboration_system | 4.8\(2\) | |
| cisco | ip_interoperability_and_collaboration_system | 4.9\(1\) | |
| cisco | ip_interoperability_and_collaboration_system | 4.9\(2\) | |
| cisco | ip_interoperability_and_collaboration_system | 4.10\(1\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.8\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C71D093A-19DD-4E9A-98F2-38FD7782CC01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.8\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "08D3E0A1-16B2-4DD7-A4DA-809041E83DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.9\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "45129EF0-B94E-48DA-AA63-0B2FC152FE48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.9\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "319FEEAF-8677-44C1-8FE1-1F046F2965E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.10\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE63D6EC-3CB7-46D1-B8E4-F618FB9D7466",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote attacker to modify configuration parameters of the UMS and cause the system to become unavailable. Affected Products: This vulnerability affects Cisco IPICS releases 4.8(1) to 4.10(1). More Information: CSCva46644. Known Affected Releases: 4.10(1) 4.8(1) 4.8(2) 4.9(1) 4.9(2)."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de comunicaciones interdispositivos del Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) podr\u00eda permitir a un atacante remoto no autenticado modificar par\u00e1metros de configuraci\u00f3n del UMS y provocar que el sistema est\u00e9 no disponible. Productos afectados: Esta vulnerabilidad afecta a las versiones Cisco IPICS 4.8(1) a 4.10(1). M\u00e1s informaci\u00f3n: CSCva46644. Lanzamientos conocidos afectados: 4.10(1) 4.8(1) 4.8(2) 4.9(1) 4.9(2)."
}
],
"id": "CVE-2016-6397",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-28T10:59:12.433",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://www.securityfocus.com/bid/93913"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-ipics"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-ipics"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…