CVE-2015-4689

Published Sep 11, 2017

Last updated 6 years ago

CVSS critical 9.8

Overview

Description: Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows remote attackers to reset arbitrary passwords via unspecified vectors, aka "Weak Password Reset."
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-640

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.5.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5FE786C-DB21-49D0-BC41-C9581109EB28"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66E260EE-09DF-4AC7-BBA6-AC2D4C1DB5DF"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D5ED9D0-B74E-4B37-9C39-E1BF3D4F8CEC"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADCBA3CD-D466-44F5-8C55-6E502D7A0556"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D68A309-B710-4871-B1B6-7997BD271D3C"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "237CDFDF-272E-47A8-B721-D4CD2E9BB830"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D211CD4-3144-4B35-995A-C2570DBD6103"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1AE8C92C-A8C8-44DD-B4A0-06F93420F81A"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51982C4B-E669-4C5D-BAD1-9C3772D90AC0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References