CVE-2016-1302

NONE EPSS 80.0%
Published Feb 7, 201610y ago · Modified Jun 17, 20262w ago
Find Similar
Published Feb 7, 2016 10y ago
Last Modified Jun 17, 2026 2w ago

Description

Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.

Threat Intelligence

EPSS Exploit Probability
80.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-284

Affected Products 25

VendorProductVersionRange
samsungx14j_firmwaret-ms14jakucb-1102.5any
sunopensolarissnv_124any
zyxelgs1900-10hp_firmware* <2.50\(aazi.0\)c0
zzinckeymouse_firmware3.08any
cisconexus_92160yc-x*any
cisconexus_92304qc*any
cisconexus_9236c*any
cisconexus_9272q*any
cisconexus_93108tc-ex*any
cisconexus_93120tx*any
cisconexus_93128tx*any
cisconexus_93180yc-ex*any
cisconexus_9332pq*any
cisconexus_9336pq_aci_spine*any
cisconexus_9372px*any
cisconexus_9372tx*any
cisconexus_9396px*any
cisconexus_9396tx*any
cisconexus_9504*any
cisconexus_9508*any
cisconexus_9516*any
cisconx-osbaseany
sunopensolarissnv_124any
zyxelgs1900-10hp_firmware* <2.50\(aazi.0\)c0
zzinckeymouse_firmware3.08any

References 2

  • tools.cisco.com http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic
    Vendor Advisory
  • securitytracker.com http://www.securitytracker.com/id/1034925

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.