Vulnerabilities > CVE-2016-9204 - Credentials Management vulnerability in Cisco Nexus 1000V Intercloud Firmware 2.2(1)

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

cisco

CWE-255

NVD

Published: 2016-12-14

Updated: 2017-01-04

Summary

A vulnerability in the Cisco Intercloud Fabric (ICF) Director could allow an unauthenticated, remote attacker to connect to internal services with an internal account. Affected Products: Cisco Nexus 1000V InterCloud is affected. More Information: CSCus99379. Known Affected Releases: 2.2(1).

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Nexus 1000V Intercloud Firmware 2.2\(1\)	1
Hardware	Cisco Cisco Nexus 1000V -	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://www.securityfocus.com/bid/94816
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-icf