CVE-2016-1357

EUVD-2016-2456
The password-management administration component in Cisco Policy Suite (CPS) 7.0.1.3, 7.0.2, 7.0.2-att, 7.0.3-att, 7.0.4-att, and 7.5.0 allows remote attackers to bypass intended RBAC restrictions and read unspecified data via unknown vectors, aka Bug ID CSCut85211.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Affected Products (NVD)
VendorProductVersion
ciscocisco_policy_suite
7.0.1.3
ciscocisco_policy_suite
7.0.2
ciscocisco_policy_suite
7.0.2-att
ciscocisco_policy_suite
7.0.3-att
ciscocisco_policy_suite
7.0.4-att
ciscocisco_policy_suite
7.0.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-psc
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-psc