Vulnerability Database

296,746

Total vulnerabilities in the database

CVE-2016-6370

Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) 10.6(3) and earlier allows remote authenticated users to read arbitrary files via a crafted pathname in an HTTP request, aka Bug ID CSCuz27255.

  • Published: Sep 12, 2016
  • Updated: Apr 13, 2023
  • CVE: CVE-2016-6370
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
cisco / hosted_collaboration_mediation_fulfillment 10.6(2)_base 10.6(2)_base.x
cisco / hosted_collaboration_mediation_fulfillment 10.6(3)_base 10.6(3)_base.x
cisco / hosted_collaboration_mediation_fulfillment 10.6(1)_base 10.6(1)_base.x