Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-6362

Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725.

Published

2016-08-22T10:59:11.120

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-264

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cisco	aironet_access_point_software	8.1\(15.14\)	Yes
Application	cisco	aironet_access_point_software	8.1\(112.3\)	Yes
Application	cisco	aironet_access_point_software	8.1\(112.4\)	Yes
Application	cisco	aironet_access_point_software	8.1\(131.0\)	Yes
Application	cisco	aironet_access_point_software	8.2\(100.0\)	Yes
Application	cisco	aironet_access_point_software	8.2\(102.43\)	Yes
Application	cisco	aironet_access_point_software	8.3.0	Yes

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap1 Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/92513 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1036644 Third Party Advisory, VDB Entry ([email protected])
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap1 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/92513 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1036644 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)