Vulnerability Details CVE-2016-1321
Cisco Universal Small Cell devices with firmware R2.12 through R3.5 contain an image-decryption key in flash memory, which allows remote attackers to bypass a certain certificate-validation feature and obtain sensitive firmware-image and IP address data via a request to an unspecified Cisco server, aka Bug ID CSCut98082.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.1%
CVSS Severity
CVSS v3 Score 5.8
CVSS v2 Score 5.0
References
Products affected by CVE-2016-1321
-
cpe:2.3:o:cisco:universal_small_cell_firmware:r2.12_base
-
cpe:2.3:o:cisco:universal_small_cell_firmware:r2.13_base
-
cpe:2.3:o:cisco:universal_small_cell_firmware:r2.14_base
-
cpe:2.3:o:cisco:universal_small_cell_firmware:r2.15_base
-
cpe:2.3:o:cisco:universal_small_cell_firmware:r2.16_base
-
cpe:2.3:o:cisco:universal_small_cell_firmware:r2.17_base
-
cpe:2.3:o:cisco:universal_small_cell_firmware:r3.2_base
-
cpe:2.3:o:cisco:universal_small_cell_firmware:r3.3_base
-
cpe:2.3:o:cisco:universal_small_cell_firmware:r3.4_1.1
-
cpe:2.3:o:cisco:universal_small_cell_firmware:r3.4_2.1
-
cpe:2.3:o:cisco:universal_small_cell_firmware:r3.4_2.17
-
cpe:2.3:o:cisco:universal_small_cell_firmware:r3.4_base
-
cpe:2.3:o:cisco:universal_small_cell_firmware:r3.5_base