VDB
CVE-2016-1474
CVE-2016-1474
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Cisco Prime Infrastructure 2.2(2) does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCuw65846, a different vulnerability than CVE-2015-6434.
EPSS 0.24% · 47.1th percentile
Risk Scores
CVSS 2.0
4.300000190734863
EPSS Score
0.24%
47.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| cisco | prime_infrastructure | 2.2\(2\) |
Exploit Intelligence
- 1036530 (circl)
- 92278 (circl)
- 20160803 Cisco Prime Infrastructure Cross-Frame Scripting Vulnerability (circl)
Timeline
- Aug 3, 2016 CVE Published
- Aug 5, 2016 CVE Updated
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
References
- 1036530 vdb
- 92278 vdb
- 20160803 Cisco Prime Infrastructure Cross-Frame Scripting Vulnerability vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2016-1474 advisory