CVE-2015-4202

2015-06-2014:59:01

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

50.4%

JSON

Cisco IOS 12.2SCH on uBR10000 router Cable Modem Termination Systems (CMTS) does not properly restrict access to the IP Detail Record (IPDR) service, which allows remote attackers to obtain potentially sensitive MAC address and network-utilization information via crafted IPDR packets, aka Bug ID CSCua39203.

Affected configurations

Nvd

Node

ciscoiosMatch12.2\(33\)sch

ciscoiosMatch12.2sch

AND

ciscoubr10000_cable_modem_termination_system

VendorProductVersionCPE
ciscoios12.2(33)schcpe:2.3:o:cisco:ios:12.2\(33\)sch:*:*:*:*:*:*:*
ciscoios12.2schcpe:2.3:o:cisco:ios:12.2sch:*:*:*:*:*:*:*
ciscoubr10000_cable_modem_termination_system*cpe:2.3:h:cisco:ubr10000_cable_modem_termination_system:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	12.2(33)sch	cpe:2.3:o:cisco:ios:12.2\(33\)sch:::::::*
cisco	ios	12.2sch	cpe:2.3:o:cisco:ios:12.2sch:::::::*
cisco	ubr10000_cable_modem_termination_system	*	cpe:2.3:h:cisco:ubr10000_cable_modem_termination_system::::::::