CVE-2016-9208: Path Traversal
First published: Wed Dec 14 2016(Updated: )
A vulnerability in the File Management Utility, the Download File form, and the Serviceability application of Cisco Emergency Responder could allow an authenticated, remote attacker to access files in arbitrary locations on the file system of an affected device. More Information: CSCva98951 CSCva98954 CSCvb57494. Known Affected Releases: 11.5(2.10000.5). Known Fixed Releases: 12.0(0.98000.14) 12.0(0.98000.16).
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Emergency Responder | =11.5\(2.10000.5\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-9208?
CVE-2016-9208 is classified as a high-severity vulnerability.
How do I fix CVE-2016-9208?
To mitigate CVE-2016-9208, upgrade to Cisco Emergency Responder 11.5(2.10000.6) or later.
What does CVE-2016-9208 affect?
CVE-2016-9208 affects the File Management Utility and Serviceability application of Cisco Emergency Responder.
Can CVE-2016-9208 be exploited remotely?
Yes, CVE-2016-9208 can be exploited by an authenticated remote attacker.
What type of access does CVE-2016-9208 provide?
CVE-2016-9208 allows access to files in arbitrary locations on the affected device's file system.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/references
- agent/event
- agent/first-publish-date
- agent/description
- agent/trending
- agent/tags
- agent/source
- vendor/cisco
- canonical/cisco emergency responder
- version/cisco emergency responder/11.5\(2.10000.5\)