Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:46
Type | Values Removed | Values Added |
---|---|---|
References | () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160310-prime-lms - Vendor Advisory | |
References | () http://www.securitytracker.com/id/1035313 - |
Information
Published : 2016-03-12 02:59
Updated : 2024-11-21 02:46
NVD link : CVE-2016-1360
Mitre link : CVE-2016-1360
CVE.ORG link : CVE-2016-1360
JSON object : View
Products Affected
cisco
- prime_lan_management_solution
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor