VYPR
← All advisories
Medium severity5.8NVD Advisory· Published Feb 15, 2016· Updated May 6, 2026

CVE-2016-1321

CVE-2016-1321

Description

Cisco Universal Small Cell devices with firmware R2.12 through R3.5 contain an image-decryption key in flash memory, which allows remote attackers to bypass a certain certificate-validation feature and obtain sensitive firmware-image and IP address data via a request to an unspecified Cisco server, aka Bug ID CSCut98082.

Affected products

13
  • Cisco Systems, Inc./Universal Small Cell Firmware13 versions
    cpe:2.3:o:cisco:universal_small_cell_firmware:r2.12_base:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:o:cisco:universal_small_cell_firmware:r2.12_base:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:universal_small_cell_firmware:r2.13_base:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:universal_small_cell_firmware:r2.14_base:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:universal_small_cell_firmware:r2.15_base:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:universal_small_cell_firmware:r2.16_base:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:universal_small_cell_firmware:r2.17_base:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:universal_small_cell_firmware:r3.2_base:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:universal_small_cell_firmware:r3.3_base:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:universal_small_cell_firmware:r3.4_1.1:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:universal_small_cell_firmware:r3.4_2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:universal_small_cell_firmware:r3.4_2.17:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:universal_small_cell_firmware:r3.4_base:*:*:*:*:*:*:*
    • cpe:2.3:o:cisco:universal_small_cell_firmware:r3.5_base:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.