Penetration Testing UK

CVE-2016-1366

CVE-2016-1366

Severity Score

6.8

Access Vector

NETWORK

Complexity

LOW

Authentication

SINGLE_INSTANCE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

NONE

Summary

The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service (overwrite) via unspecified vectors, aka Bug ID CSCuw75848.

Learn more about our Penetration Testing services.