Strix
26.1K

CVE-2016-1357

UnknownEPSS 1.11%

Last modified

CVE-2016-1357 is a vulnerability of currently unknown severity. The password-management administration component in Cisco Policy Suite (CPS) 7.0.1.3, 7.0.2, 7.0.2-att, 7.0.3-att, 7.0.4-att, and 7.5.0 allows remote attackers to bypass intended RBAC restrictions and read unspecified data via unknown vectors, aka Bug ID CSCut85211.. EPSS estimates a 1.11% chance of exploitation in the next 30 days.

Description

The password-management administration component in Cisco Policy Suite (CPS) 7.0.1.3, 7.0.2, 7.0.2-att, 7.0.3-att, 7.0.4-att, and 7.5.0 allows remote attackers to bypass intended RBAC restrictions and read unspecified data via unknown vectors, aka Bug ID CSCut85211.

Metrics

EPSS Probability
1.11%

61.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoCisco Policy Suite7.0.1.3
CiscoCisco Policy Suite7.0.2
CiscoCisco Policy Suite7.0.2-att
CiscoCisco Policy Suite7.0.3-att
CiscoCisco Policy Suite7.0.4-att
CiscoCisco Policy Suite7.0.5

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2016-1357?
The password-management administration component in Cisco Policy Suite (CPS) 7.0.1.3, 7.0.2, 7.0.2-att, 7.0.3-att, 7.0.4-att, and 7.5.0 allows remote attackers to bypass intended RBAC restrictions and read unspecified data via unknown vectors, aka Bug ID CSCut85211.
How severe is CVE-2016-1357?
Severity scoring for CVE-2016-1357 is pending analysis. The EPSS model estimates a 1.11% probability of exploitation in the next 30 days.
How do I fix CVE-2016-1357?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2016-1357?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST