Lucene search

[email protected]CVE-2015-6319

HistoryJan 27, 2016 - 10:59 p.m.

CVE-2015-6319

2016-01-2722:59:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2015-6319

sql injection

cisco rv220w

vulnerability

nvd

bug id cscuv29574

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

48.1%

JSON

SQL injection vulnerability in the web-based management interface on Cisco RV220W devices allows remote attackers to execute arbitrary SQL commands via a crafted header in an HTTP request, aka Bug ID CSCuv29574.

Affected configurations

NVD

Node

ciscorv016_multi-wan_vpn_router

ciscorv042_dual_wan_vpn_router

ciscorv042g_dual_gigabit_wan_vpn_router

ciscorv082_dual_wan_vpn_router

ciscorv110w_wireless-n_vpn_firewall

ciscorv120w_wireless-n_vpn_firewall

ciscorv130_vpn_router

ciscorv130w_wireless-n_multifunction_vpn_router

ciscorv180_vpn_router

ciscorv180w_wireless-n_multifunction_vpn_router

ciscorv215w_wireless-n_vpn_router

ciscorv220w_wireless_network_security_firewall

ciscorv320_dual_gigabit_wan_vpn_router

ciscorv320_dual_gigabit_wan_wf_vpn_router

ciscorv325_dual_gigabit_wan_wf_vpn_router

ciscorv325_dual_wan_gigabit_vpn_router

ciscorvl200_4-port_ssl_ipsec_vpn_router

ciscorvs4000_4-port_gigabit_security_router_-_vpn

ciscowrv200_wireless-g_vpn_router_-_rangebooster

ciscowrv210_wireless-g_vpn_router_-_rangebooster

ciscowrvs4400n_wireless-n_gigabit_security_router_-_vpn_v2.0

AND

ciscorv_series_router_firmwareMatch1.0.0.2

ciscorv_series_router_firmwareMatch1.0.0.30

ciscorv_series_router_firmwareMatch1.0.1.9

ciscorv_series_router_firmwareMatch1.0.2.6

ciscorv_series_router_firmwareMatch1.0.3.10

ciscorv_series_router_firmwareMatch1.0.4.10

ciscorv_series_router_firmwareMatch1.0.4.14

ciscorv_series_router_firmwareMatch1.0.5.6

ciscorv_series_router_firmwareMatch1.0.5.8

ciscorv_series_router_firmwareMatch1.0.6.6

ciscorv_series_router_firmwareMatch1.1.0.9

ciscorv_series_router_firmwareMatch1.2.0.2

sunopensolarisMatchsnv_124sparc

CPENameOperatorVersion
cisco:rv_series_router_firmwarecisco rv series router firmwareeq1.0.0.2
cisco:rv_series_router_firmwarecisco rv series router firmwareeq1.0.0.30
cisco:rv_series_router_firmwarecisco rv series router firmwareeq1.0.1.9
cisco:rv_series_router_firmwarecisco rv series router firmwareeq1.0.2.6
cisco:rv_series_router_firmwarecisco rv series router firmwareeq1.0.3.10
cisco:rv_series_router_firmwarecisco rv series router firmwareeq1.0.4.10
cisco:rv_series_router_firmwarecisco rv series router firmwareeq1.0.4.14
cisco:rv_series_router_firmwarecisco rv series router firmwareeq1.0.5.6
cisco:rv_series_router_firmwarecisco rv series router firmwareeq1.0.5.8
cisco:rv_series_router_firmwarecisco rv series router firmwareeq1.0.6.6

CPE	Name	Operator	Version
cisco:rv_series_router_firmware	cisco rv series router firmware	eq	1.0.0.2
cisco:rv_series_router_firmware	cisco rv series router firmware	eq	1.0.0.30
cisco:rv_series_router_firmware	cisco rv series router firmware	eq	1.0.1.9
cisco:rv_series_router_firmware	cisco rv series router firmware	eq	1.0.2.6
cisco:rv_series_router_firmware	cisco rv series router firmware	eq	1.0.3.10
cisco:rv_series_router_firmware	cisco rv series router firmware	eq	1.0.4.10
cisco:rv_series_router_firmware	cisco rv series router firmware	eq	1.0.4.14
cisco:rv_series_router_firmware	cisco rv series router firmware	eq	1.0.5.6
cisco:rv_series_router_firmware	cisco rv series router firmware	eq	1.0.5.8
cisco:rv_series_router_firmware	cisco rv series router firmware	eq	1.0.6.6

Rows per page:

1-10 of 131

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220

www.securitytracker.com/id/1034830

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

48.1%

JSON

Related for CVE-2015-6319

cisco1 cvelist1 openvas1 prion1 nvd1