Arbitrary Download Vulnerability in Cisco Application-hosting Framework (CAF) (CSCuz84773)

CVE-2016-6412 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows man-in-the-middle attackers to trigger arbitrary downloads via crafted HTTP headers, aka Bug ID CSCuz84773.

Learn more about our Cis Benchmark Audit For Apple Ios.