Home Unlabelled Cisco IOS and IOS XE Software Application-Hosting Framework Unauthorized File Access Vulnerability

Cisco IOS and IOS XE Software Application-Hosting Framework Unauthorized File Access Vulnerability

By
Wednesday, September 21, 2016
Read
Add Comment
A vulnerability in the Cisco application-hosting framework (CAF) for Cisco IOS and IOS XE Software with the IOx feature set could allow an authenticated, remote attacker to read arbitrary files on a targeted system.

The vulnerability is due to insufficient input validation by the affected framework. An attacker could exploit this vulnerability by submitting specific, crafted input to the affected framework. A successful exploit could allow the attacker to read arbitrary files on the targeted system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2cVd8kG A vulnerability in the Cisco application-hosting framework (CAF) for Cisco IOS and IOS XE Software with the IOx feature set could allow an authenticated, remote attacker to read arbitrary files on a targeted system.

The vulnerability is due to insufficient input validation by the affected framework. An attacker could exploit this vulnerability by submitting specific, crafted input to the affected framework. A successful exploit could allow the attacker to read arbitrary files on the targeted system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2cVd8kG
Security Impact Rating: Medium
CVE: CVE-2016-6410

from Cisco Security Advisory http://ift.tt/2cVd8kG
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us