CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6276
https://notcve.org/view.php?id=CVE-2015-6276
05 Sep 2015 — Cisco TelePresence IX5000 8.0.3 stores a private key associated with an X.509 certificate under the web root with insufficient access control, which allows remote attackers to obtain cleartext versions of HTTPS traffic or spoof devices via a direct request to the certificate directory, aka Bug ID CSCuu63501. Vulnerabilidad en Cisco TelePresence IX5000 8.0.3, almacena una clave privada asociada con un certificado X.509 bajo la raíz web con control de acceso insuficiente, lo que permite a atacantes remotos ob... • http://tools.cisco.com/security/center/viewAlert.x?alertId=40727 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2015-0611
https://notcve.org/view.php?id=CVE-2015-0611
12 Feb 2015 — The administrative web-management portal in Cisco IX 8 (.0.1) and earlier on Cisco TelePresence IX5000 devices does not properly restrict the device-recovery account's access, which allows remote authenticated users to obtain HelpDesk-equivalent privileges by leveraging device-recovery authentication, aka Bug ID CSCus74174. El portal de la gestión del web administrativo en Cisco IX 8 (.0.1) y anteriores en los dispositivos Cisco TelePresence IX5000 no restringe correctamente el acceso a la cuenta de la recu... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0611 • CWE-264: Permissions, Privileges, and Access Controls •