Lucene search
CiscoCVE-2015-6383HistoryDec 03, 2015 - 3:59 a.m.
CVE-2015-6383
2015-12-0303:59:00
CWE-264
cisco
web.nvd.nist.gov
32
cisco
ios xe
asr 1000
license restrictions
root privileges
cve-2015-6383
nvd
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
5.1%
Cisco IOS XE 15.4(3)S on ASR 1000 devices improperly loads software packages, which allows local users to bypass license restrictions and obtain certain root privileges by using the CLI to enter crafted filenames, aka Bug ID CSCuv93130.
Affected configurations
Node
ciscoios_xeMatch15.4\(3\)s
Related
prion
prion
Code injection
2015-12-03 03:59:00
seebug
seebug
Cisco ASR 1000 IOS XE安全绕过漏洞
2015-12-04 00:00:00
cvelist
cvelist
CVE-2015-6383
2015-12-03 02:00:00
nvd
nvd
CVE-2015-6383
2015-12-03 03:59:00
openvas
openvas
Cisco ASR 1000 Series Root Shell License Bypass Vulnerability
2015-12-01 00:00:00
cisco
cisco
Cisco IOS XE 3S Platforms Series root Shell License Bypass Vulnerability
2015-11-30 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2015-6383