CVE-2016-9208

CWE-22Path Traversal4 documents4 sources
Severity
6.5MEDIUM
EPSS
1.0%
top 22.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Emergency Responder
Timeline
PublishedDec 14
Latest updateMay 17

Description

A vulnerability in the File Management Utility, the Download File form, and the Serviceability application of Cisco Emergency Responder could allow an authenticated, remote attacker to access files in arbitrary locations on the file system of an affected device. More Information: CSCva98951 CSCva98954 CSCvb57494. Known Affected Releases: 11.5(2.10000.5). Known Fixed Releases: 12.0(0.98000.14) 12.0(0.98000.16).

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5cisco_emergency_responderCisco Emergency Responder
NVDcisco/emergency_responder11.5\(2.10000.5\)

🔴Vulnerability Details

2
GHSA
GHSA-552p-g3pp-2xvh: A vulnerability in the File Management Utility, the Download File form, and the Serviceability application of Cisco Emergency Responder could allow an2022-05-17
CVEList
CVE-2016-9208: A vulnerability in the File Management Utility, the Download File form, and the Serviceability application of Cisco Emergency Responder could allow an2016-12-14

📋Vendor Advisories

1
Cisco
Cisco Emergency Responder Directory Traversal Vulnerability2016-12-07
CVE-2016-9208 (MEDIUM CVSS 6.5) | A vulnerability in the File Managem | cvebase.io