CVE-2016-1313
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cisco UCS Invicta C3124SA Appliance 4.3.1 through 5.0.1, UCS Invicta Scaling System and Appliance, and Whiptail Racerunner improperly store a default SSH private key, which allows remote attackers to obtain root access via unspecified vectors, aka Bug ID CSCun71294.
Cisco UCS Invicta C3124SA Appliance 4.3.1 hasta la versión 5.0.1, UCS Invicta Scaling System and Appliance y Whiptail Racerunner almacenan de manera incorrecta una clave privada SSH por defecto, lo que permite a atacantes remotos obtener acceso root a través de vectores no especificados, también conocido como Bug ID CSCun71294.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-01-04 CVE Reserved
- 2016-04-06 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securitytracker.com/id/1035496 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-ucs | 2016-12-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ucs Invicta C3124sa Appliance Search vendor "Cisco" for product "Ucs Invicta C3124sa Appliance" | 4.3.1 Search vendor "Cisco" for product "Ucs Invicta C3124sa Appliance" and version "4.3.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ucs Invicta C3124sa Appliance Search vendor "Cisco" for product "Ucs Invicta C3124sa Appliance" | 4.5.0 Search vendor "Cisco" for product "Ucs Invicta C3124sa Appliance" and version "4.5.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ucs Invicta C3124sa Appliance Search vendor "Cisco" for product "Ucs Invicta C3124sa Appliance" | 5.0.1 Search vendor "Cisco" for product "Ucs Invicta C3124sa Appliance" and version "5.0.1" | - |
Affected
| ||||||