CVE-2016-6413

high

Description

The installation procedure on Cisco Application Policy Infrastructure Controller (APIC) devices 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCva50496.

References

http://www.securitytracker.com/id/1036872

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-apic

Details

Source: Mitre, NVD

Published: 2016-09-24

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00078