{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-06-16T00:00:00", "descriptions": [{"lang": "en", "value": "The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via crafted SCP messages, aka Bug ID CSCuv35694."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-28T20:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1036128", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1036128"}, {"name": "20160616 Cisco Prime Network Registrar System Configuration Protocol Information Disclosure Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-pnr"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2016-1427", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via crafted SCP messages, aka Bug ID CSCuv35694."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1036128", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036128"}, {"name": "20160616 Cisco Prime Network Registrar System Configuration Protocol Information Disclosure Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-pnr"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:55:14.319Z"}, "title": "CVE Program Container", "references": [{"name": "1036128", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1036128"}, {"name": "20160616 Cisco Prime Network Registrar System Configuration Protocol Information Disclosure Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-pnr"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2016-1427", "datePublished": "2016-06-18T01:00:00", "dateReserved": "2016-01-04T00:00:00", "dateUpdated": "2024-08-05T22:55:14.319Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CA415878-1D93-45C0-BB2B-28F10577C0A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "66F9819C-FDC7-4A9E-A033-3759CE1CBB7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "6226486C-2DA7-4C57-9101-BF8D833B63C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "FC435D7B-C0F3-4CF3-9ACD-D27DD97798B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "2F6BAF22-ACAC-4F2C-BE51-88ABE49E1D06", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "DF60F93F-49E8-4E90-8AAC-A72F0734EA19", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "A71440BA-4558-44A7-9ABB-11CB19DD560F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "B08D4801-44C6-41D8-A610-8BACD7944121", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A2E60599-839A-460F-B8DE-E6F22C8ECF6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "7BCB950B-9A49-4395-98E8-E0A5F425CDAE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via crafted SCP messages, aka Bug ID CSCuv35694."}, {"lang": "es", "value": "La interfaz de mensajer\u00eda principal System Configuration Protocol (SCP) en Cisco Prime Network Registrar 8.2 en versiones anteriores a 8.2.3.1 y 8.3 en versiones anteriores a 8.3.2 permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de mensajes SCP manipulados, tambi\u00e9n conocido como Bug ID CSCuv35694."}], "id": "CVE-2016-1427", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-06-18T01:59:00.183", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-pnr"}, {"source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id/1036128"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-pnr"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1036128"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}