Lucene search
HistoryDec 03, 2015 - 3:59 a.m.
CVE-2015-6383
cisco
ios xe
asr 1000
license restrictions
root privileges
cve-2015-6383
nvd
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Cisco IOS XE 15.4(3)S on ASR 1000 devices improperly loads software packages, which allows local users to bypass license restrictions and obtain certain root privileges by using the CLI to enter crafted filenames, aka Bug ID CSCuv93130.
Affected configurations
Node
ciscoios_xeMatch15.4\(3\)s
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco:ios_xe | cisco ios xe | eq | 15.4\(3\)s |
Related
nvd
nvd
CVE-2015-6383
2015-12-03 03:59:00
seebug
seebug
Cisco ASR 1000 IOS XE安全绕过漏洞
2015-12-04 00:00:00
prion
prion
Code injection
2015-12-03 03:59:00
cvelist
cvelist
CVE-2015-6383
2015-12-03 02:00:00
openvas
openvas
Cisco ASR 1000 Series Root Shell License Bypass Vulnerability
2015-12-01 00:00:00
cisco
cisco
Cisco IOS XE 3S Platforms Series root Shell License Bypass Vulnerability
2015-11-30 00:00:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2015-6383