Lucene search

[email protected]CVE-2015-6336

HistoryJan 15, 2016 - 3:59 a.m.

CVE-2015-6336

2016-01-1503:59:00

CWE-255

[email protected]

web.nvd.nist.gov

cisco

aironet 1800

default account

cve-2015-6336

nvd

vulnerability

security issue

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

7.1 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

54.0%

JSON

Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4), and 8.1(15.14) have a default account, which makes it easier for remote attackers to obtain access via unspecified vectors, aka Bug ID CSCuw58062.

CPENameOperatorVersion
cisco:aironet_access_point_softwarecisco aironet access point softwareeq7.2_base
cisco:aironet_access_point_softwarecisco aironet access point softwareeq7.3_base
cisco:aironet_access_point_softwarecisco aironet access point softwareeq7.4_base
cisco:aironet_access_point_softwarecisco aironet access point softwareeq8.1\(15.14\)
cisco:aironet_access_point_softwarecisco aironet access point softwareeq8.1\(112.3\)
cisco:aironet_access_point_softwarecisco aironet access point softwareeq8.1\(112.4\)

CPE	Name	Operator	Version
cisco:aironet_access_point_software	cisco aironet access point software	eq	7.2_base
cisco:aironet_access_point_software	cisco aironet access point software	eq	7.3_base
cisco:aironet_access_point_software	cisco aironet access point software	eq	7.4_base
cisco:aironet_access_point_software	cisco aironet access point software	eq	8.1\(15.14\)
cisco:aironet_access_point_software	cisco aironet access point software	eq	8.1\(112.3\)
cisco:aironet_access_point_software	cisco aironet access point software	eq	8.1\(112.4\)

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-air

www.securitytracker.com/id/1034667

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

7.1 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

54.0%

JSON

Related for CVE-2015-6336

cvelist1 prion1 cisco1