CVE-2016-1392

Open redirect vulnerability in Cisco Prime Collaboration Assurance Software 10.5 through 11.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuu34121.

Published: May 5, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-1392
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.4
AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

CVSS v2:

Severity: Medium
Score: 5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cisco / prime_collaboration_assurance	10.5.1	10.5.1.x
cisco / prime_collaboration_assurance	11.0.0	11.0.0.x
cisco / prime_collaboration_assurance	10.6.0	10.6.0.x
cisco / prime_collaboration_assurance	10.5.0	10.5.0.x

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160503-pca
http://www.securitytracker.com/id/1035736

Vulnerability Database

289,697

CVE-2016-1392