CVE-2016-1307 — MEDIUM (5.4)

Q: How severe is CVE-2016-1307?

CVE-2016-1307 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2016-1307?

Check the references section above for vendor advisories and patch information. Affected products include: Zyxel Gs1900-10Hp Firmware, Zzinc Keymouse Firmware.

Vulnerability Description

The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and Unified Contact Center Express 10.6(1) has a hardcoded account, which makes it easier for remote attackers to obtain access via an XMPP session, aka Bug ID CSCuw79085.

CVSS Score

5.4

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Zyxel	Gs1900-10Hp Firmware	< 2.50\(aazi.0\)c0
Zzinc	Keymouse Firmware	3.08

Related Weaknesses (CWE)

CWE-287 CWE-255

References

FAQ

What is CVE-2016-1307?

CVE-2016-1307 is a vulnerability with a CVSS score of 5.4 (MEDIUM). The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and Unified Contact Center Express 10.6(1) has a hardcoded account, which makes it easier for remote attackers to obtain access via an ...

How severe is CVE-2016-1307?

CVE-2016-1307 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-1307?

Check the references section above for vendor advisories and patch information. Affected products include: Zyxel Gs1900-10Hp Firmware, Zzinc Keymouse Firmware.