CVE-2015-6296

Published Sep 18, 2015

Last updated 8 years ago

Overview

Description: Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has a default account, which allows local users to obtain root access by leveraging knowledge of the credentials, aka Bug ID CSCuw21825.
Source: ykramarz@cisco.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-264

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.1.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8644D7B-7AC1-4C31-95BA-0B3C83ACDF07"
          },
          {
            "criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B08D4801-44C6-41D8-A610-8BACD7944121"
          },
          {
            "criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6249E955-68F8-486C-9C40-7D4DF5F2F456"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References