CVE-2015-4202
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cisco IOS 12.2SCH on uBR10000 router Cable Modem Termination Systems (CMTS) does not properly restrict access to the IP Detail Record (IPDR) service, which allows remote attackers to obtain potentially sensitive MAC address and network-utilization information via crafted IPDR packets, aka Bug ID CSCua39203.
Cisco IOS 12.2SCH en Cable Modem Termination Systems (CMTS) de los routers uBR10000 no restringe correctamente el acceso al servicio IP Detail Record (IPDR), lo que permite a atacantes remotos obtener información potencialmente sensible de direcciones MAC y utilización de red a través de paquetes IPDR manipulados, también conocido como Bug ID CSCua39203.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-06-04 CVE Reserved
- 2015-06-20 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/75321 | Third Party Advisory | |
| http://www.securitytracker.com/id/1032678 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39432 | 2016-12-28 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2\(33\)sch Search vendor "Cisco" for product "Ios" and version "12.2\(33\)sch" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ubr10000 Cable Modem Termination System Search vendor "Cisco" for product "Ubr10000 Cable Modem Termination System" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2sch Search vendor "Cisco" for product "Ios" and version "12.2sch" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ubr10000 Cable Modem Termination System Search vendor "Cisco" for product "Ubr10000 Cable Modem Termination System" | * | - |
Safe
|