What is CVE-2016-1373?

CVE-2016-1373 is a high-severity vulnerability in Cisco Finesse. CVSS score: 8.6/10. Published 2016-05-05.

How severe is CVE-2016-1373?

High severity. CVSS v3 base score is 8.6 out of 10.

Vulnerability in Cisco Finesse

CVE-2016-1373

The gadgets-integration API in Cisco Finesse 8.5(1) through 8.5(5), 8.6(1), 9.0(1), 9.0(2), 9.1(1), 9.1(1)SU1, 9.1(1)SU1.1, 9.1(1)ES1 through 9.1(1)ES5, 10.0(1), 10.0(1)SU1, 10.0(1)SU1.1, 10.5(1), 10.5(1)ES1 through 10.5(1)ES4, 10.5(1)SU1…

EPSS: 0.002 (46.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N.

Affected products

Cisco Finesse — versions 8.5\(1\)_base, 8.5\(2\)_base, 8.5\(3\)_base
N/a — versions n/a

References

1035756 (vdb-entry, x_refsource_SECTRACK)
20160504 Cisco Finesse HTTP Request Processing Server-Side Request Forgery Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)

Frequently asked questions

What is CVE-2016-1373?: CVE-2016-1373 is a high-severity vulnerability in Cisco Finesse. CVSS score: 8.6/10. Published 2016-05-05.
How severe is CVE-2016-1373?: High severity. CVSS v3 base score is 8.6 out of 10.