CVE-2016-6371Path Traversal in Cisco Hosted Collaboration Mediation Fulfillment

CWE-22Path Traversal4 documents4 sources
Severity
7.5HIGHNVD
EPSS
7.3%
top 8.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Hosted Collaboration Mediation Fulfillment
Timeline
PublishedSep 12
Latest updateMay 17

Description

Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) 10.6(3) and earlier allows remote attackers to write to arbitrary files via a crafted URL, aka Bug ID CSCuz64717.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDcisco/hosted_collaboration_mediation_fulfillment10.6\(1\)_base, 10.6\(2\)_base, 10.6\(3\)_base+2

🔴Vulnerability Details

2
GHSA
GHSA-5v82-px86-qrw9: Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) 102022-05-17
CVEList
CVE-2016-6371: Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) 102016-09-12

📋Vendor Advisories

1
Cisco
Cisco Hosted Collaboration Mediation Fulfillment Directory Traversal File System Vulnerability2016-08-31
CVE-2016-6371 — Path Traversal in Cisco | cvebase