1. Home
  2. CVE Database
  3. CVE-2016-1427
HIGH · 7.5

CVE-2016-1427

The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via cr...

Vulnerability Description

The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via crafted SCP messages, aka Bug ID CSCuv35694.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
CiscoPrime Network Registrar8.2.0

Related Weaknesses (CWE)

CWE-287CWE-200

References

FAQ

What is CVE-2016-1427?

CVE-2016-1427 is a vulnerability with a CVSS score of 7.5 (HIGH). The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via cr...

How severe is CVE-2016-1427?

CVE-2016-1427 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-1427?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Prime Network Registrar.