CVE-2015-6336

Published Jan 15, 2016

Last updated 8 years ago

CVSS high 7.3

Overview

Description: Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4), and 8.1(15.14) have a default account, which makes it easier for remote attackers to obtain access via unspecified vectors, aka Bug ID CSCuw58062.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.3
Impact score: 3.4
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-255

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:aironet_access_point_software:7.2_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD33ED02-6760-4BD5-9639-BA2F9CCBA01F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_access_point_software:7.3_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "568B926E-483A-4318-BC50-841668C6B3C3"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_access_point_software:7.4_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6A4259C-C436-4831-9764-6C7079F51A93"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.1\\(15.14\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88453D71-DAF5-4813-9776-5391C31B1006"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.1\\(112.3\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A187F61E-D4A4-4DF9-93B4-981C4B86F284"
          },
          {
            "criteria": "cpe:2.3:o:cisco:aironet_access_point_software:8.1\\(112.4\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A92A6EC5-E47A-4001-A25C-A1043B346EDE"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1830e:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D0FCB522-C9CB-4EEA-9C0C-42A3ED2523C5"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1830i:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "25D42448-AE53-4832-9D56-5C6172BC2872"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1850e:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0A9CB0ED-8596-4576-8243-B3B97A19CEFB"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1850i:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4C6AD90E-0906-4169-A2C9-10D2BF353FB2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References