Vulnerability Details CVE-2016-1360
Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.3%
CVSS Severity
CVSS v3 Score 7.1
CVSS v2 Score 3.0
References
Products affected by CVE-2016-1360
-
cpe:2.3:a:cisco:prime_lan_management_solution:4.1_base
-
cpe:2.3:a:cisco:prime_lan_management_solution:4.2.1
-
cpe:2.3:a:cisco:prime_lan_management_solution:4.2.2
-
cpe:2.3:a:cisco:prime_lan_management_solution:4.2.3
-
cpe:2.3:a:cisco:prime_lan_management_solution:4.2.4
-
cpe:2.3:a:cisco:prime_lan_management_solution:4.2.5
-
cpe:2.3:a:cisco:prime_lan_management_solution:4.2_base