Lucene search
HistoryFeb 12, 2015 - 1:59 a.m.
CVE-2015-0611
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.003
Percentile
68.1%
The administrative web-management portal in Cisco IX 8 (.0.1) and earlier on Cisco TelePresence IX5000 devices does not properly restrict the device-recovery account’s access, which allows remote authenticated users to obtain HelpDesk-equivalent privileges by leveraging device-recovery authentication, aka Bug ID CSCus74174.
Affected configurations
Node
ciscotelepresence_system_software_ixMatch8.0.0
ORciscotelepresence_system_software_ixMatch8.0.1
ciscotelepresence_ix5000
ORciscotelepresence_ix5200
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | telepresence_system_software_ix | 8.0.0 | cpe:2.3:o:cisco:telepresence_system_software_ix:8.0.0:*:*:*:*:*:*:* |
| cisco | telepresence_system_software_ix | 8.0.1 | cpe:2.3:o:cisco:telepresence_system_software_ix:8.0.1:*:*:*:*:*:*:* |
| cisco | telepresence_ix5000 | * | cpe:2.3:h:cisco:telepresence_ix5000:*:*:*:*:*:*:*:* |
| cisco | telepresence_ix5200 | * | cpe:2.3:h:cisco:telepresence_ix5200:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-0611
2015-02-12 01:00:00
cisco
cisco
Cisco TelePresence IX5000 Series Web Management Vulnerability
2015-02-11 22:52:17
prion
prion
Authentication flaw
2015-02-12 01:59:00
cve
cve
CVE-2015-0611
2015-02-12 01:59:27
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.003
Percentile
68.1%
Related for NVD:CVE-2015-0611