← Voltar para CVEs
CVE-2016-1366
N/ADescricao
The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service (overwrite) via unspecified vectors, aka Bug ID CSCuw75848.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado3/24/2016
Ultima modificacao5/6/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
cisco:ios_xr
Fraquezas (CWE)
CWE-264
Referencias
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs(psirt@cisco.com)
http://www.securitytracker.com/id/1035407(psirt@cisco.com)
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1035407(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.