CVE-2016-1452

CWE-200 — Information Exposure CWE-2544 documents4 sources

Severity

6.5MEDIUM

EPSS

0.3%

top 50.03%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco ASR 5000 Software

Timeline

PublishedJul 15

Latest updateMay 17

Description

Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make configuration changes over SNMP by leveraging knowledge of the read-write community, aka Bug ID CSCuz29526.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

Affected Packages1 packages

▶NVDcisco/asr_5000_software11 versions+10

🔴Vulnerability Details

GHSA

GHSA-54mh-qp5h-jfpv: Cisco ASR 5000 devices with software 18↗2022-05-17

▶

CVEList

CVE-2016-1452: Cisco ASR 5000 devices with software 18↗2016-07-15

▶

📋Vendor Advisories

Cisco

Cisco ASR 5000 Series SNMP Community String Disclosure Vulnerability↗2016-07-13

▶