CVE-2015-4225
Severity Score
4.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) y 1.0(1e) en los dispositivos Nexus 9000 no implementa correctamente la puntuación de salud RBAC, lo que permite a usuarios remotos autenticados obtener información sensible a través de vectores no especificados, también conocido como Bug ID CSCuq77485.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-06-04 CVE Reserved
- 2015-06-27 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/75433 | Third Party Advisory | |
| http://www.securitytracker.com/id/1032735 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39529 | 2016-12-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1.110a\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1.110a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93120tx Search vendor "Cisco" for product "Nexus 93120tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1.110a\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1.110a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93128tx Search vendor "Cisco" for product "Nexus 93128tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1.110a\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1.110a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9332pq Search vendor "Cisco" for product "Nexus 9332pq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1.110a\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1.110a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9336pq Aci Spine Search vendor "Cisco" for product "Nexus 9336pq Aci Spine" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1.110a\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1.110a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px Search vendor "Cisco" for product "Nexus 9372px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1.110a\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1.110a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx Search vendor "Cisco" for product "Nexus 9372tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1.110a\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1.110a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396px Search vendor "Cisco" for product "Nexus 9396px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1.110a\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1.110a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396tx Search vendor "Cisco" for product "Nexus 9396tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1.110a\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1.110a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9504 Search vendor "Cisco" for product "Nexus 9504" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1.110a\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1.110a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9508 Search vendor "Cisco" for product "Nexus 9508" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1.110a\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1.110a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9516 Search vendor "Cisco" for product "Nexus 9516" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1e\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1e\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93120tx Search vendor "Cisco" for product "Nexus 93120tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1e\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1e\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93128tx Search vendor "Cisco" for product "Nexus 93128tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1e\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1e\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9332pq Search vendor "Cisco" for product "Nexus 9332pq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1e\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1e\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9336pq Aci Spine Search vendor "Cisco" for product "Nexus 9336pq Aci Spine" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1e\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1e\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px Search vendor "Cisco" for product "Nexus 9372px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1e\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1e\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx Search vendor "Cisco" for product "Nexus 9372tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1e\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1e\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396px Search vendor "Cisco" for product "Nexus 9396px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1e\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1e\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396tx Search vendor "Cisco" for product "Nexus 9396tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1e\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1e\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9504 Search vendor "Cisco" for product "Nexus 9504" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1e\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1e\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9508 Search vendor "Cisco" for product "Nexus 9508" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 1.0\(1e\) Search vendor "Cisco" for product "Nx-os" and version "1.0\(1e\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9516 Search vendor "Cisco" for product "Nexus 9516" | - | - |
Safe
|