CVE-2016-6413

CWE-2644 documents4 sources
Severity
7.8HIGH
EPSS
0.1%
top 76.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Application Policy Infrastructure Controller
Timeline
PublishedSep 24
Latest updateMay 17

Description

The installation procedure on Cisco Application Policy Infrastructure Controller (APIC) devices 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCva50496.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-pp32-w8f4-9cw6: The installation procedure on Cisco Application Policy Infrastructure Controller (APIC) devices 12022-05-17
CVEList
CVE-2016-6413: The installation procedure on Cisco Application Policy Infrastructure Controller (APIC) devices 12016-09-24

📋Vendor Advisories

1
Cisco
Cisco Application Policy Infrastructure Controller Binary Privilege Escalation Vulnerability2016-09-21
CVE-2016-6413 (HIGH CVSS 7.8) | The installation procedure on Cisco | cvebase.io