CVE-2016-1340
Severity Score
8.4
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Heap-based buffer overflow in Cisco Unified Computing System (UCS) Platform Emulator 2.5(2)TS4, 3.0(2c)A, and 3.0(2c)TS9 allows local users to gain privileges via crafted libclimeta.so filename arguments, aka Bug ID CSCux68837.
Desbordamiento de buffer basado en memoria dinámica en Cisco Unified Computing System (UCS) Platform Emulator 2.5(2)TS4, 3.0(2c)A y 3.0(2c)TS9 permite a usuarios locales obtener privilegios a través de argumentos de nombre de archivo libclimeta.so manipulados, también conocida como Bug ID CSCux68837.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-01-04 CVE Reserved
- 2016-04-16 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securitytracker.com/id/1035582 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe2 | 2016-07-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Unified Computing System Platform Emulator Search vendor "Cisco" for product "Unified Computing System Platform Emulator" | 2.5\(2\)ts4 Search vendor "Cisco" for product "Unified Computing System Platform Emulator" and version "2.5\(2\)ts4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Unified Computing System Platform Emulator Search vendor "Cisco" for product "Unified Computing System Platform Emulator" | 3.0\(2c\)a Search vendor "Cisco" for product "Unified Computing System Platform Emulator" and version "3.0\(2c\)a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Unified Computing System Platform Emulator Search vendor "Cisco" for product "Unified Computing System Platform Emulator" | 3.0\(2c\)ts9 Search vendor "Cisco" for product "Unified Computing System Platform Emulator" and version "3.0\(2c\)ts9" | - |
Affected
| ||||||