Lucene search
CiscoCVE-2015-0611HistoryFeb 12, 2015 - 1:59 a.m.
CVE-2015-0611
2015-02-1201:59:27
CWE-264
cisco
web.nvd.nist.gov
23
cisco
ix
telepresence
vulnerability
authentication
bug id
cscus74174
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.5
Confidence
Low
EPSS
0.003
Percentile
68.1%
The administrative web-management portal in Cisco IX 8 (.0.1) and earlier on Cisco TelePresence IX5000 devices does not properly restrict the device-recovery account’s access, which allows remote authenticated users to obtain HelpDesk-equivalent privileges by leveraging device-recovery authentication, aka Bug ID CSCus74174.
Affected configurations
Node
ciscotelepresence_system_software_ixMatch8.0.0
ORciscotelepresence_system_software_ixMatch8.0.1
ciscotelepresence_ix5000
ORciscotelepresence_ix5200
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | telepresence_system_software_ix | 8.0.0 | cpe:2.3:o:cisco:telepresence_system_software_ix:8.0.0:*:*:*:*:*:*:* |
| cisco | telepresence_system_software_ix | 8.0.1 | cpe:2.3:o:cisco:telepresence_system_software_ix:8.0.1:*:*:*:*:*:*:* |
| cisco | telepresence_ix5000 | * | cpe:2.3:h:cisco:telepresence_ix5000:*:*:*:*:*:*:*:* |
| cisco | telepresence_ix5200 | * | cpe:2.3:h:cisco:telepresence_ix5200:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-0611
2015-02-12 01:00:00
cisco
cisco
Cisco TelePresence IX5000 Series Web Management Vulnerability
2015-02-11 22:52:17
nvd
nvd
CVE-2015-0611
2015-02-12 01:59:27
prion
prion
Authentication flaw
2015-02-12 01:59:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.5
Confidence
Low
EPSS
0.003
Percentile
68.1%
Related for CVE-2015-0611