1. Home
  2. CVE Database
  3. CVE-2016-6452
CRITICAL · 9.8

CVE-2016-6452

A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full adminis...

Vulnerability Description

A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. Cisco Prime Home versions 5.1.1.6 and earlier and 5.2.2.2 and earlier have been confirmed to be vulnerable. Cisco Prime Home versions 6.0 and later are not vulnerable. More Information: CSCvb71732. Known Affected Releases: 5.0 5.0(1) 5.0(1.1) 5.0(1.2) 5.0(2) 5.15.1(0) 5.1(1) 5.1(1.3) 5.1(1.4) 5.1(1.5) 5.1(1.6) 5.1(2) 5.1(2.1) 5.1(2.3) 5.25.2(0.1) 5.2(1.0) 5.2(1.2) 5.2(2.0) 5.2(2.1) 5.2(2.2).

CVSS Score

9.8

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
CiscoPrime Home5.0_base

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2016-6452?

CVE-2016-6452 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full adminis...

How severe is CVE-2016-6452?

CVE-2016-6452 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2016-6452?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Prime Home.