CVE-2015-0691
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001.
Cierto fichero Cisco JAR, distribuido en Cache Cleaner en Cisco Secure Desktop (CSD), permite a atacantes remotos ejecutar comandos arbitrarios a través de un sitio web manipulado, también conocido como Bug ID CSCup83001.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-01-07 CVE Reserved
- 2015-04-17 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securitytracker.com/id/1032140 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd | 2017-01-06 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.0_base Search vendor "Cisco" for product "Secure Desktop" and version "3.0_base" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.1.0.31 Search vendor "Cisco" for product "Secure Desktop" and version "3.1.0.31" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.1.1 Search vendor "Cisco" for product "Secure Desktop" and version "3.1.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.1.1.45 Search vendor "Cisco" for product "Secure Desktop" and version "3.1.1.45" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.1_base Search vendor "Cisco" for product "Secure Desktop" and version "3.1_base" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.2.0.136 Search vendor "Cisco" for product "Secure Desktop" and version "3.2.0.136" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.2.1.103 Search vendor "Cisco" for product "Secure Desktop" and version "3.2.1.103" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.2.1.126 Search vendor "Cisco" for product "Secure Desktop" and version "3.2.1.126" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.2_base Search vendor "Cisco" for product "Secure Desktop" and version "3.2_base" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.3.0.118 Search vendor "Cisco" for product "Secure Desktop" and version "3.3.0.118" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.3.0.151 Search vendor "Cisco" for product "Secure Desktop" and version "3.3.0.151" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.3_base Search vendor "Cisco" for product "Secure Desktop" and version "3.3_base" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.4.0373 Search vendor "Cisco" for product "Secure Desktop" and version "3.4.0373" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.4.1108 Search vendor "Cisco" for product "Secure Desktop" and version "3.4.1108" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.4.2048 Search vendor "Cisco" for product "Secure Desktop" and version "3.4.2048" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.4_base Search vendor "Cisco" for product "Secure Desktop" and version "3.4_base" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.5.841 Search vendor "Cisco" for product "Secure Desktop" and version "3.5.841" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.5.1077 Search vendor "Cisco" for product "Secure Desktop" and version "3.5.1077" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.5.2001 Search vendor "Cisco" for product "Secure Desktop" and version "3.5.2001" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.5.2003 Search vendor "Cisco" for product "Secure Desktop" and version "3.5.2003" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.5.2008 Search vendor "Cisco" for product "Secure Desktop" and version "3.5.2008" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.5_base Search vendor "Cisco" for product "Secure Desktop" and version "3.5_base" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.6.181 Search vendor "Cisco" for product "Secure Desktop" and version "3.6.181" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.6.185 Search vendor "Cisco" for product "Secure Desktop" and version "3.6.185" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.6.1001 Search vendor "Cisco" for product "Secure Desktop" and version "3.6.1001" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.6.2002 Search vendor "Cisco" for product "Secure Desktop" and version "3.6.2002" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.6.3002 Search vendor "Cisco" for product "Secure Desktop" and version "3.6.3002" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.6.4021 Search vendor "Cisco" for product "Secure Desktop" and version "3.6.4021" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.6.5005 Search vendor "Cisco" for product "Secure Desktop" and version "3.6.5005" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.6.6020 Search vendor "Cisco" for product "Secure Desktop" and version "3.6.6020" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.6.6104 Search vendor "Cisco" for product "Secure Desktop" and version "3.6.6104" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.6.6203 Search vendor "Cisco" for product "Secure Desktop" and version "3.6.6203" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.6.6210 Search vendor "Cisco" for product "Secure Desktop" and version "3.6.6210" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.6.6228 Search vendor "Cisco" for product "Secure Desktop" and version "3.6.6228" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.6.6234 Search vendor "Cisco" for product "Secure Desktop" and version "3.6.6234" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.6.6249 Search vendor "Cisco" for product "Secure Desktop" and version "3.6.6249" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Secure Desktop Search vendor "Cisco" for product "Secure Desktop" | 3.6_base Search vendor "Cisco" for product "Secure Desktop" and version "3.6_base" | - |
Affected
| ||||||