Lucene search
HistoryDec 01, 2015 - 11:59 a.m.
CVE-2015-6385
cisco
ios
vulnerability
cloud services router
cve-2015-6385
nvd
7.5 High
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%
The publish-event event-manager feature in Cisco IOS 15.5(2)S and 15.5(3)S on Cloud Services Router 1000V devices allows local users to execute arbitrary commands with root privileges by leveraging administrative access to enter crafted environment variables, aka Bug ID CSCux14943.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco:ios | cisco ios | eq | 15.5\(2\)s |
| cisco:ios | cisco ios | eq | 15.5\(3\)s |
Related
prion
prion
Design/Logic Flaw
2015-12-01 11:59:00
cisco
cisco
Cisco Cloud Services Router 1000V Command Injection Vulnerability
2015-11-30 22:30:00
openvas
openvas
Cisco Cloud Services Router 1000V Command Injection Vulnerability
2015-12-01 00:00:00
7.5 High
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%
Related for CVE-2015-6385