cbcvebase.
CVE-2016-6452
published 2016-11-03

CVE-2016-6452: A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication…

PriorityP265critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
2.70%
84.1th percentile
A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. Cisco Prime Home versions 5.1.1.6 and earlier and 5.2.2.2 and earlier have been confirmed to be vulnerable. Cisco Prime Home versions 6.0 and later are not vulnerable. More Information: CSCvb71732. Known Affected Releases: 5.0 5.0(1) 5.0(1.1) 5.0(1.2) 5.0(2) 5.15.1(0) 5.1(1) 5.1(1.3) 5.1(1.4) 5.1(1.5) 5.1(1.6) 5.1(2) 5.1(2.1) 5.1(2.3) 5.25.2(0.1) 5.2(1.0) 5.2(1.2) 5.2(2.0) 5.2(2.1) 5.2(2.2).

Affected

4 ranges
VendorProductVersion rangeFixed in
ciscoprime_home
ciscoprime_home
ciscoprime_home
ciscoprime_home

Detection & IOCsextracted from sources · hover to see the quote

  • The vulnerability is triggered by sending a crafted HTTP request to a particular URL in the Cisco Prime Home web GUI, exploiting a processing error in RBAC URL handling to obtain a valid session identifier for an arbitrary user.
  • The root cause is a processing error in role-based access control (RBAC) of URLs; detection should focus on unauthenticated requests to privileged/admin URLs in Cisco Prime Home that result in valid session token issuance.
  • The vulnerability allows unauthenticated remote attackers to gain full administrator privileges; monitor for session identifiers being issued to unauthenticated or anonymous HTTP requests against Cisco Prime Home.
  • ·Affected versions are Cisco Prime Home 5.1.1.6 and earlier and 5.2.2.2 and earlier; version 6.0 and later are NOT vulnerable. Ensure patching to 6.0+ to remediate.
  • ·No workarounds are available for this vulnerability; software update is the only mitigation.
  • ·Cisco internal bug tracker reference for this vulnerability is CSCvb71732.

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_cisco10.0CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.