Critical severity9.8NVD Advisory· Published Nov 3, 2016· Updated May 6, 2026

CVE-2016-6452

Description

A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. Cisco Prime Home versions 5.1.1.6 and earlier and 5.2.2.2 and earlier have been confirmed to be vulnerable. Cisco Prime Home versions 6.0 and later are not vulnerable. More Information: CSCvb71732. Known Affected Releases: 5.0 5.0(1) 5.0(1.1) 5.0(1.2) 5.0(2) 5.15.1(0) 5.1(1) 5.1(1.3) 5.1(1.4) 5.1(1.5) 5.1(1.6) 5.1(2) 5.1(2.1) 5.1(2.3) 5.25.2(0.1) 5.2(1.0) 5.2(1.2) 5.2(2.0) 5.2(2.1) 5.2(2.2).

Affected products

Cisco Systems, Inc./Prime Home3 versions
cpe:2.3:a:cisco:prime_home:5.0_base:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:cisco:prime_home:5.0_base:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:prime_home:5.1_base:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:prime_home:5.2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-cphnvdVendor Advisory
www.securityfocus.com/bid/94070nvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000