vulnerability

Cisco IOS: CVE-2016-6410: Cisco IOS and IOS XE Software Application-Hosting Framework Unauthorized File Access Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:C/I:N/A:N)	Sep 23, 2016	Oct 20, 2016	Aug 21, 2023

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:N/A:N)

Published

Sep 23, 2016

Added

Oct 20, 2016

Modified

Aug 21, 2023

Description

The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuy19856.

Solution

cisco-ios-upgrade-latest

References

BID-93090
CVE-2016-6410
https://attackerkb.com/topics/CVE-2016-6410
URL-https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-caf

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today