// For flags

CVE-2015-6403

 

Severity Score

7.2
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The TFTP implementation on Cisco Small Business SPA30x, SPA50x, SPA51x phones 7.5.7 improperly validates firmware-image file integrity, which allows local users to load a Trojan horse image by leveraging shell access, aka Bug ID CSCut67400.

La implementación TFTP en teléfonos Cisco Small Business SPA30x, SPA50x, SPA51x 7.5.7 no valida adecuadamente la integridad del archivo de imagen de firmware, lo que permite a usuarios locales cargar una imagen de un Troyano mediante el aprovechamiento de acceso shell, también conocido como Bug ID CSCut67400.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2015-08-17 CVE Reserved
  • 2015-12-15 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Spa500 Firmware
Search vendor "Cisco" for product "Spa500 Firmware"
7.5.7
Search vendor "Cisco" for product "Spa500 Firmware" and version "7.5.7"
-
Affected
in Cisco
Search vendor "Cisco"
Spa 500ds
Search vendor "Cisco" for product "Spa 500ds"
--
Safe
Cisco
Search vendor "Cisco"
Spa500 Firmware
Search vendor "Cisco" for product "Spa500 Firmware"
7.5.7
Search vendor "Cisco" for product "Spa500 Firmware" and version "7.5.7"
-
Affected
in Cisco
Search vendor "Cisco"
Spa 500s
Search vendor "Cisco" for product "Spa 500s"
--
Safe
Cisco
Search vendor "Cisco"
Spa500 Firmware
Search vendor "Cisco" for product "Spa500 Firmware"
7.5.7
Search vendor "Cisco" for product "Spa500 Firmware" and version "7.5.7"
-
Affected
in Cisco
Search vendor "Cisco"
Spa 501g
Search vendor "Cisco" for product "Spa 501g"
--
Safe
Cisco
Search vendor "Cisco"
Spa500 Firmware
Search vendor "Cisco" for product "Spa500 Firmware"
7.5.7
Search vendor "Cisco" for product "Spa500 Firmware" and version "7.5.7"
-
Affected
in Cisco
Search vendor "Cisco"
Spa 502g
Search vendor "Cisco" for product "Spa 502g"
--
Safe
Cisco
Search vendor "Cisco"
Spa500 Firmware
Search vendor "Cisco" for product "Spa500 Firmware"
7.5.7
Search vendor "Cisco" for product "Spa500 Firmware" and version "7.5.7"
-
Affected
in Cisco
Search vendor "Cisco"
Spa 504g
Search vendor "Cisco" for product "Spa 504g"
--
Safe
Cisco
Search vendor "Cisco"
Spa500 Firmware
Search vendor "Cisco" for product "Spa500 Firmware"
7.5.7
Search vendor "Cisco" for product "Spa500 Firmware" and version "7.5.7"
-
Affected
in Cisco
Search vendor "Cisco"
Spa 508g
Search vendor "Cisco" for product "Spa 508g"
--
Safe
Cisco
Search vendor "Cisco"
Spa500 Firmware
Search vendor "Cisco" for product "Spa500 Firmware"
7.5.7
Search vendor "Cisco" for product "Spa500 Firmware" and version "7.5.7"
-
Affected
in Cisco
Search vendor "Cisco"
Spa 509g
Search vendor "Cisco" for product "Spa 509g"
--
Safe
Cisco
Search vendor "Cisco"
Spa500 Firmware
Search vendor "Cisco" for product "Spa500 Firmware"
7.5.7
Search vendor "Cisco" for product "Spa500 Firmware" and version "7.5.7"
-
Affected
in Cisco
Search vendor "Cisco"
Spa 512g
Search vendor "Cisco" for product "Spa 512g"
--
Safe
Cisco
Search vendor "Cisco"
Spa500 Firmware
Search vendor "Cisco" for product "Spa500 Firmware"
7.5.7
Search vendor "Cisco" for product "Spa500 Firmware" and version "7.5.7"
-
Affected
in Cisco
Search vendor "Cisco"
Spa 514g
Search vendor "Cisco" for product "Spa 514g"
--
Safe
Cisco
Search vendor "Cisco"
Spa500 Firmware
Search vendor "Cisco" for product "Spa500 Firmware"
7.5.7
Search vendor "Cisco" for product "Spa500 Firmware" and version "7.5.7"
-
Affected
in Cisco
Search vendor "Cisco"
Spa 525g2
Search vendor "Cisco" for product "Spa 525g2"
--
Safe
Cisco
Search vendor "Cisco"
Spa300 Firmware
Search vendor "Cisco" for product "Spa300 Firmware"
7.5.7
Search vendor "Cisco" for product "Spa300 Firmware" and version "7.5.7"
-
Affected
in Cisco
Search vendor "Cisco"
Spa 301
Search vendor "Cisco" for product "Spa 301"
--
Safe
Cisco
Search vendor "Cisco"
Spa300 Firmware
Search vendor "Cisco" for product "Spa300 Firmware"
7.5.7
Search vendor "Cisco" for product "Spa300 Firmware" and version "7.5.7"
-
Affected
in Cisco
Search vendor "Cisco"
Spa 303
Search vendor "Cisco" for product "Spa 303"
--
Safe