CVE-2016-1477

medium

Published 2016-08-23 · Modified 2026-05-06

CVSS v3

6.5

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2

4.0

VIR risk

6.5

Description

Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891.

Predictions

Exploit likelihood

75%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160810-csa

Application impact

Vendor	Product	Versions	Fixed
cisco	connected_streaming_analytics	`1.1.1_base`

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160810-csa
http://www.securityfocus.com/bid/92398
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160810-csa
http://www.securityfocus.com/bid/92398

CWEs

CWE-200

Verify integrity in audit chain (admin only). AS-IS.