CVE-2015-6401

2015-12-1403:59:01

CWE-287

[email protected]

web.nvd.nist.gov

cve-2015-6401

cisco

epc3928

edva

bug id cscux24941

remote code execution

authentication bypass

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.7%

JSON

Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an intended authentication requirement and execute unspecified administrative functions via a crafted HTTP request, aka Bug ID CSCux24941.

Affected configurations

NVD

Node

ciscoepc3928_docsis_3.0_8x4_wireless_residential_gateway_with_embedded_digital_voice_adapterMatch5.5.10

ciscoepc3928_docsis_3.0_8x4_wireless_residential_gateway_with_embedded_digital_voice_adapterMatch5.5.11

ciscoepc3928_docsis_3.0_8x4_wireless_residential_gateway_with_embedded_digital_voice_adapterMatch5.7.1

CPENameOperatorVersion
cisco:epc3928_docsis_3.0_8x4_wireless_residential_gateway_with_embedded_digital_voice_adaptercisco epc3928 docsis 3.0 8x4 wireless residential gateway with embedded digital voice adaptereq5.5.10
cisco:epc3928_docsis_3.0_8x4_wireless_residential_gateway_with_embedded_digital_voice_adaptercisco epc3928 docsis 3.0 8x4 wireless residential gateway with embedded digital voice adaptereq5.5.11
cisco:epc3928_docsis_3.0_8x4_wireless_residential_gateway_with_embedded_digital_voice_adaptercisco epc3928 docsis 3.0 8x4 wireless residential gateway with embedded digital voice adaptereq5.7.1

CPE	Name	Operator	Version
cisco:epc3928_docsis_3.0_8x4_wireless_residential_gateway_with_embedded_digital_voice_adapter	cisco epc3928 docsis 3.0 8x4 wireless residential gateway with embedded digital voice adapter	eq	5.5.10
cisco:epc3928_docsis_3.0_8x4_wireless_residential_gateway_with_embedded_digital_voice_adapter	cisco epc3928 docsis 3.0 8x4 wireless residential gateway with embedded digital voice adapter	eq	5.5.11
cisco:epc3928_docsis_3.0_8x4_wireless_residential_gateway_with_embedded_digital_voice_adapter	cisco epc3928 docsis 3.0 8x4 wireless residential gateway with embedded digital voice adapter	eq	5.7.1