vulnerability

Cisco IOx Application-Hosting Framework Directory Traversal Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:C/I:N/A:N)	Dec 7, 2016	Dec 9, 2016	Oct 30, 2017

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:N/A:N)

Published

Dec 7, 2016

Added

Dec 9, 2016

Modified

Oct 30, 2017

Description

A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. Affected Products: This vulnerability affects specific releases of the Cisco IOx subsystem of Cisco IOS and IOS XE Software. More Information: CSCvb23331. Known Affected Releases: 15.2(6.0.57i)E CAF-1.1.0.0.

Solution

cisco-ios-upgrade-latest

References

BID-94788
CVE-2016-9199
https://attackerkb.com/topics/CVE-2016-9199

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today