CVE-2016-1302
NONE EPSS 80.0%
Published Feb 7, 201610y ago · Modified Jun 17, 20262w ago
Published Feb 7, 2016 10y ago
Last Modified Jun 17, 2026 2w ago
Description
Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.
Threat Intelligence
EPSS Exploit Probability
80.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-284
Affected Products 25
| Vendor | Product | Version | Range |
|---|---|---|---|
| samsung | x14j_firmware | t-ms14jakucb-1102.5 | any |
| sun | opensolaris | snv_124 | any |
| zyxel | gs1900-10hp_firmware | * | <2.50\(aazi.0\)c0 |
| zzinc | keymouse_firmware | 3.08 | any |
| cisco | nexus_92160yc-x | * | any |
| cisco | nexus_92304qc | * | any |
| cisco | nexus_9236c | * | any |
| cisco | nexus_9272q | * | any |
| cisco | nexus_93108tc-ex | * | any |
| cisco | nexus_93120tx | * | any |
| cisco | nexus_93128tx | * | any |
| cisco | nexus_93180yc-ex | * | any |
| cisco | nexus_9332pq | * | any |
| cisco | nexus_9336pq_aci_spine | * | any |
| cisco | nexus_9372px | * | any |
| cisco | nexus_9372tx | * | any |
| cisco | nexus_9396px | * | any |
| cisco | nexus_9396tx | * | any |
| cisco | nexus_9504 | * | any |
| cisco | nexus_9508 | * | any |
| cisco | nexus_9516 | * | any |
| cisco | nx-os | base | any |
| sun | opensolaris | snv_124 | any |
| zyxel | gs1900-10hp_firmware | * | <2.50\(aazi.0\)c0 |
| zzinc | keymouse_firmware | 3.08 | any |
References 2
- tools.cisco.com http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic
- securitytracker.com http://www.securitytracker.com/id/1034925
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.