What is CVE-2016-9208?

CVE-2016-9208 is a medium-severity vulnerability in Cisco Emergency_responder, classified under Path Traversal. CVSS score: 6.5/10. Published 2016-12-14.

How severe is CVE-2016-9208?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Path Traversal in Cisco Emergency_responder

CVE-2016-9208

A vulnerability in the File Management Utility, the Download File form, and the Serviceability application of Cisco Emergency Responder could allow an authenticated, remote attacker to access files in arbitrary locations on the file system…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.010 (77.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Cisco Emergency_responder — versions 11.5\(2.10000.5\)
N/a Cisco Emergency Responder — versions Cisco Emergency Responder

Weakness classification (CWE)

CWE-22 — Path Traversal

References

psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
94800 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
1037426 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2016-9208?: CVE-2016-9208 is a medium-severity vulnerability in Cisco Emergency_responder, classified under Path Traversal. CVSS score: 6.5/10. Published 2016-12-14.
How severe is CVE-2016-9208?: Medium severity. CVSS v3 base score is 6.5 out of 10.