Lucene search

[email protected]CVE-2015-6424

HistoryDec 18, 2015 - 11:59 a.m.

CVE-2015-6424

2015-12-1811:59:00

CWE-255

[email protected]

web.nvd.nist.gov

cisco

apic

boot manager

access restrictions

cve-2015-6424

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The boot manager in Cisco Application Policy Infrastructure Controller (APIC) 1.1(0.920a) allows local users to bypass intended access restrictions and obtain single-user-mode root access via unspecified vectors, aka Bug ID CSCuu83985.

Affected configurations

NVD

Node

ciscoapplication_policy_infrastructure_controllerMatch1.1\(0.920a\)

CPENameOperatorVersion
cisco:application_policy_infrastructure_controllercisco application policy infrastructure controllereq1.1\(0.920a\)

CPE	Name	Operator	Version
cisco:application_policy_infrastructure_controller	cisco application policy infrastructure controller	eq	1.1\(0.920a\)

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151216-apic

www.securityfocus.com/bid/79410

www.securitytracker.com/id/1034468

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2015-6424

openvas1 prion1 nvd1 cisco1 cvelist1