Lucene search

CiscoCVE-2015-6361

HistoryDec 13, 2015 - 3:59 a.m.

CVE-2015-6361

2015-12-1303:59:00

CWE-20

cisco

web.nvd.nist.gov

cve-2015-6361

cisco

dpc3939

xb3

firmware

remote execution

authenticated users

bug id cscuw86170

nvd

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.7

Confidence

Low

EPSS

0.004

Percentile

75.0%

JSON

The administrative web interface on Cisco DPC3939 (XB3) devices with firmware 121109aCMCST allows remote authenticated users to execute arbitrary commands via unspecified fields, aka Bug ID CSCuw86170.

Affected configurations

Nvd

Node

ciscodpc3939_wireless_residential_voice_gateway_firmwareMatch121109acmcst_base

AND

ciscodpc3939_wireless_residential_voice_gateway

VendorProductVersionCPE
ciscodpc3939_wireless_residential_voice_gateway_firmware121109acmcst_basecpe:2.3:o:cisco:dpc3939_wireless_residential_voice_gateway_firmware:121109acmcst_base:*:*:*:*:*:*:*
ciscodpc3939_wireless_residential_voice_gateway*cpe:2.3:h:cisco:dpc3939_wireless_residential_voice_gateway:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	dpc3939_wireless_residential_voice_gateway_firmware	121109acmcst_base	cpe:2.3:o:cisco:dpc3939_wireless_residential_voice_gateway_firmware:121109acmcst_base:::::::*
cisco	dpc3939_wireless_residential_voice_gateway	*	cpe:2.3:h:cisco:dpc3939_wireless_residential_voice_gateway::::::::

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151208-xb3

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.7

Confidence

Low

EPSS

0.004

Percentile

75.0%

JSON

Related for CVE-2015-6361