CVE-2016-1360: Infoleak
First published: Sat Mar 12 2016(Updated: )
Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Prime LAN Management Solution | =4.1_base | |
| Cisco Prime LAN Management Solution | =4.2.1 | |
| Cisco Prime LAN Management Solution | =4.2.2 | |
| Cisco Prime LAN Management Solution | =4.2.3 | |
| Cisco Prime LAN Management Solution | =4.2.4 | |
| Cisco Prime LAN Management Solution | =4.2.5 | |
| Cisco Prime LAN Management Solution | =4.2_base |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/description
- agent/tags
- agent/first-publish-date
- agent/event
- vendor/cisco
- canonical/cisco prime lan management solution
- version/cisco prime lan management solution/4.1_base
- version/cisco prime lan management solution/4.2.1
- version/cisco prime lan management solution/4.2.2
- version/cisco prime lan management solution/4.2.3
- version/cisco prime lan management solution/4.2.4
- version/cisco prime lan management solution/4.2.5
- version/cisco prime lan management solution/4.2_base