CVE-2015-6316
Published Nov 6, 2015
Last updated 8 years ago
Overview
- Description
- The default configuration of sshd_config in Cisco Mobility Services Engine (MSE) through 8.0.120.7 allows logins by the oracle account, which makes it easier for remote attackers to obtain access by entering this account's hardcoded password in an SSH session, aka Bug ID CSCuv40501.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-255
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:mobility_services_engine:5.1_base:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A26E1426-1345-49ED-95AB-DA0F2FF36C9D"
},
{
"criteria": "cpe:2.3:a:cisco:mobility_services_engine:5.2_base:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9403633-6299-4FBD-A945-17339034F2DF"
},
{
"criteria": "cpe:2.3:a:cisco:mobility_services_engine:6.0_base:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "189A0B7E-1042-4C08-BF2F-B80AE2227E0C"
},
{
"criteria": "cpe:2.3:a:cisco:mobility_services_engine:7.0_base:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EEE771FF-9D5A-4EE9-A7A5-DADCE0D3FA5B"
},
{
"criteria": "cpe:2.3:a:cisco:mobility_services_engine:7.4.100.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ADA25694-139F-40C4-AE22-A4AF696E4472"
},
{
"criteria": "cpe:2.3:a:cisco:mobility_services_engine:7.4.110.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24240518-287C-4660-85C4-739659348E71"
},
{
"criteria": "cpe:2.3:a:cisco:mobility_services_engine:7.4.121.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7B3E19E-38EB-488B-9C86-CFF71E1DB705"
},
{
"criteria": "cpe:2.3:a:cisco:mobility_services_engine:7.4_base:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7733AF02-FFE6-4AFF-9F83-5A51EA247467"
},
{
"criteria": "cpe:2.3:a:cisco:mobility_services_engine:7.5.102.101:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "137CEA79-692B-4607-A69E-D8284DD320CB"
},
{
"criteria": "cpe:2.3:a:cisco:mobility_services_engine:7.6.100.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB805389-DA84-48B9-9EB3-A0E3FC420A83"
},
{
"criteria": "cpe:2.3:a:cisco:mobility_services_engine:7.6.120.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A6698F9-7333-49C3-B7B6-3D938C1B2368"
},
{
"criteria": "cpe:2.3:a:cisco:mobility_services_engine:7.6.132.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA6F1EB9-D354-436C-A93D-18A69495E6AE"
},
{
"criteria": "cpe:2.3:a:cisco:mobility_services_engine:8.0\\(110.0\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E59BCB1F-A4A7-443C-BB49-4B189820B326"
},
{
"criteria": "cpe:2.3:a:cisco:mobility_services_engine:8.0_base:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B656F50D-6EF5-44C8-A67F-BB5631908400"
}
],
"operator": "OR"
}
]
}
]