CISCO : Cisco IOS Software Application-Hosting Framework Unauthorized File Access Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.106277

Categoría: CISCO

Título: Cisco IOS Software Application-Hosting Framework Unauthorized File Access Vulnerability

Resumen: A vulnerability in the Cisco application-hosting framework (CAF) for;Cisco IOS Software with the IOx feature set could allow an authenticated, remote attacker to read arbitrary;files on a targeted system.

Descripción: Summary:
A vulnerability in the Cisco application-hosting framework (CAF) for
Cisco IOS Software with the IOx feature set could allow an authenticated, remote attacker to read arbitrary
files on a targeted system.

Vulnerability Insight:
The vulnerability is due to insufficient input validation by the affected
framework. An attacker could exploit this vulnerability by submitting specific, crafted input to the affected
framework.

Vulnerability Impact:
A successful exploit could allow the attacker to read arbitrary files on
the targeted system.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-6410
BugTraq ID: 93090
http://www.securityfocus.com/bid/93090
Cisco Security Advisory: 20160921 Cisco IOS and IOS XE Software Application-Hosting Framework Unauthorized File Access Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-caf
http://www.securitytracker.com/id/1036873

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.106277
Categoría:	CISCO
Título:	Cisco IOS Software Application-Hosting Framework Unauthorized File Access Vulnerability
Resumen:	A vulnerability in the Cisco application-hosting framework (CAF) for;Cisco IOS Software with the IOx feature set could allow an authenticated, remote attacker to read arbitrary;files on a targeted system.
Descripción:	Summary: A vulnerability in the Cisco application-hosting framework (CAF) for Cisco IOS Software with the IOx feature set could allow an authenticated, remote attacker to read arbitrary files on a targeted system. Vulnerability Insight: The vulnerability is due to insufficient input validation by the affected framework. An attacker could exploit this vulnerability by submitting specific, crafted input to the affected framework. Vulnerability Impact: A successful exploit could allow the attacker to read arbitrary files on the targeted system. Solution: See the referenced vendor advisory for a solution. CVSS Score: 6.8 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6410 BugTraq ID: 93090 http://www.securityfocus.com/bid/93090 Cisco Security Advisory: 20160921 Cisco IOS and IOS XE Software Application-Hosting Framework Unauthorized File Access Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-caf http://www.securitytracker.com/id/1036873
Copyright	Copyright (C) 2016 Greenbone AG