All the vulnerabilites related to cisco - meraki_mr_firmware
Vulnerability from fkie_nvd
Published
2014-12-24 00:59
Modified
2024-11-21 02:18
Severity ?
Summary
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device's case and connecting a cable to a serial port, aka Cisco-Meraki defect ID 00302077.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | meraki_mx_firmware | * | |
| cisco | meraki_mx | - | |
| cisco | meraki_ms_firmware | * | |
| cisco | meraki_ms | - | |
| cisco | meraki_mr_firmware | * | |
| cisco | meraki_mr | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:meraki_mx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79D2AAC3-76F0-435D-9AE4-0F46775C46BF",
"versionEndIncluding": "2014-09-24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43B23A83-E4ED-486F-8D7B-36A15C30564B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:meraki_ms_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A040DC-DDDD-4408-A7E3-2D2E2EA140EE",
"versionEndIncluding": "2014-09-24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_ms:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06E18353-AF89-46C7-BE78-4F80D4992C30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:meraki_mr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6576CBB7-4493-42CA-B2F1-1B3CC752454F",
"versionEndIncluding": "2014-09-24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "361C9901-DADE-4AA2-90F0-19A510164EB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device\u0027s case and connecting a cable to a serial port, aka Cisco-Meraki defect ID 00302077."
},
{
"lang": "es",
"value": "Los dispositivos Cisco-Meraki MS, MR y MX con firmware anterior a 2014-09-24 permiten a atacantes f\u00edsicamente cercanos obtener acceso shell mediante la apertura de la caja y conexi\u00f3n a trav\u00e9s del puerto serial, tambi\u00e9n conocido como Cisco-Meraki defect ID 00302077."
}
],
"id": "CVE-2014-7995",
"lastModified": "2024-11-21T02:18:23.833",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-24T00:59:02.423",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36799"
},
{
"source": "ykramarz@cisco.com",
"url": "https://dashboard.meraki.com/firmware_security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36799"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://dashboard.meraki.com/firmware_security"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-24 00:59
Modified
2024-11-21 02:18
Severity ?
Summary
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain sensitive credential information by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00302012.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | meraki_mx_firmware | * | |
| cisco | meraki_mx | * | |
| cisco | meraki_mr_firmware | * | |
| cisco | meraki_mr | * | |
| cisco | meraki_ms_firmware | * | |
| cisco | meraki_ms | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:meraki_mx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79D2AAC3-76F0-435D-9AE4-0F46775C46BF",
"versionEndIncluding": "2014-09-24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE0ADF6-6416-4672-A360-70E616322C62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:meraki_mr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6576CBB7-4493-42CA-B2F1-1B3CC752454F",
"versionEndIncluding": "2014-09-24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E31861FE-504A-4E7F-B2E4-3482E1E9387E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:meraki_ms_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A040DC-DDDD-4408-A7E3-2D2E2EA140EE",
"versionEndIncluding": "2014-09-24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_ms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4F6B8E-DD9F-433F-9A94-286E5E5361AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain sensitive credential information by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00302012."
},
{
"lang": "es",
"value": "Los dispositivos Cisco-Meraki MS, MR y MX con firmware anrerior a 2014-09-24 permiten a atacantes remotos obtener informaci\u00f3n sensible de credenciales aprovechando un manejador de acceso HTTP no especificado em \u00f1a red local, tambi\u00e9n conocido como Cisco-Meraki defect ID 00302012."
}
],
"id": "CVE-2014-7993",
"lastModified": "2024-11-21T02:18:23.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-24T00:59:00.063",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36797"
},
{
"source": "ykramarz@cisco.com",
"url": "https://dashboard.meraki.com/firmware_security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://dashboard.meraki.com/firmware_security"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-24 00:59
Modified
2024-11-21 02:18
Severity ?
Summary
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to execute arbitrary commands by leveraging knowledge of a cross-device secret and a per-device secret, and sending a request to an unspecified HTTP handler on the local network, aka Cisco-Meraki defect ID 00301991.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | meraki_mr_firmware | * | |
| cisco | meraki_mr | - | |
| cisco | meraki_mx_firmware | * | |
| cisco | meraki_mx | - | |
| cisco | meraki_ms_firmware | * | |
| cisco | meraki_ms | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:meraki_mr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6576CBB7-4493-42CA-B2F1-1B3CC752454F",
"versionEndIncluding": "2014-09-24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "361C9901-DADE-4AA2-90F0-19A510164EB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:meraki_mx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79D2AAC3-76F0-435D-9AE4-0F46775C46BF",
"versionEndIncluding": "2014-09-24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43B23A83-E4ED-486F-8D7B-36A15C30564B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:meraki_ms_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A040DC-DDDD-4408-A7E3-2D2E2EA140EE",
"versionEndIncluding": "2014-09-24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_ms:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06E18353-AF89-46C7-BE78-4F80D4992C30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to execute arbitrary commands by leveraging knowledge of a cross-device secret and a per-device secret, and sending a request to an unspecified HTTP handler on the local network, aka Cisco-Meraki defect ID 00301991."
},
{
"lang": "es",
"value": "Los dispositivos Cisco-Meraki MS, MR y MX con firmware anterior a 2014-09-24 permiten a atacantes remotos ejecutar comandos arbitrarios mediante el aprovechamiento del conocimiento de un secreto del tipo entre dispositivos y por dispositivos, mandando una petici\u00f3n hacia un manejador HTTP no especificado en la red local, tambi\u00e9n conocido como Cisco-Meraki defect ID 00301991."
}
],
"id": "CVE-2014-7994",
"lastModified": "2024-11-21T02:18:23.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-24T00:59:01.547",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36798"
},
{
"source": "ykramarz@cisco.com",
"url": "https://dashboard.meraki.com/firmware_security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://dashboard.meraki.com/firmware_security"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-24 00:59
Modified
2024-11-21 02:18
Severity ?
Summary
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote authenticated users to install arbitrary firmware by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00478565.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | meraki_mr_firmware | * | |
| cisco | meraki_mr | - | |
| cisco | meraki_ms_firmware | * | |
| cisco | meraki_ms | - | |
| cisco | meraki_mx_firmware | * | |
| cisco | meraki_mx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:meraki_mr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6576CBB7-4493-42CA-B2F1-1B3CC752454F",
"versionEndIncluding": "2014-09-24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "361C9901-DADE-4AA2-90F0-19A510164EB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:meraki_ms_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A040DC-DDDD-4408-A7E3-2D2E2EA140EE",
"versionEndIncluding": "2014-09-24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_ms:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06E18353-AF89-46C7-BE78-4F80D4992C30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:meraki_mx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79D2AAC3-76F0-435D-9AE4-0F46775C46BF",
"versionEndIncluding": "2014-09-24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43B23A83-E4ED-486F-8D7B-36A15C30564B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote authenticated users to install arbitrary firmware by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00478565."
},
{
"lang": "es",
"value": "Los dispositivos Cisco-Meraki MS, MR y MX con firmware anterior a 2014-09-24 permiten a usuarios remotos autenticados instalar firmware arbitrario aprovechando un un manejador HTTP no especificado para accediendo desde la red local, tambi\u00e9n conocido como aka Cisco-Meraki defect ID 004785"
}
],
"id": "CVE-2014-7999",
"lastModified": "2024-11-21T02:18:24.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-24T00:59:03.343",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36800"
},
{
"source": "ykramarz@cisco.com",
"url": "https://dashboard.meraki.com/firmware_security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://dashboard.meraki.com/firmware_security"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2014-7999
Vulnerability from cvelistv5
Published
2014-12-24 00:00
Modified
2024-08-06 13:10
Severity ?
EPSS score ?
Summary
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote authenticated users to install arbitrary firmware by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00478565.
References
| ▼ | URL | Tags |
|---|---|---|
| https://dashboard.meraki.com/firmware_security | x_refsource_CONFIRM | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=36800 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:49.477Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dashboard.meraki.com/firmware_security"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36800"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote authenticated users to install arbitrary firmware by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00478565."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-24T00:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dashboard.meraki.com/firmware_security"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36800"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-7999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote authenticated users to install arbitrary firmware by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00478565."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://dashboard.meraki.com/firmware_security",
"refsource": "CONFIRM",
"url": "https://dashboard.meraki.com/firmware_security"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36800",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36800"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-7999",
"datePublished": "2014-12-24T00:00:00",
"dateReserved": "2014-10-08T00:00:00",
"dateUpdated": "2024-08-06T13:10:49.477Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-7995
Vulnerability from cvelistv5
Published
2014-12-24 00:00
Modified
2024-08-06 13:03
Severity ?
EPSS score ?
Summary
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device's case and connecting a cable to a serial port, aka Cisco-Meraki defect ID 00302077.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=36799 | x_refsource_CONFIRM | |
| https://dashboard.meraki.com/firmware_security | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:03:27.969Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36799"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dashboard.meraki.com/firmware_security"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device\u0027s case and connecting a cable to a serial port, aka Cisco-Meraki defect ID 00302077."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-24T00:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36799"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dashboard.meraki.com/firmware_security"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-7995",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device\u0027s case and connecting a cable to a serial port, aka Cisco-Meraki defect ID 00302077."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36799",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36799"
},
{
"name": "https://dashboard.meraki.com/firmware_security",
"refsource": "CONFIRM",
"url": "https://dashboard.meraki.com/firmware_security"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-7995",
"datePublished": "2014-12-24T00:00:00",
"dateReserved": "2014-10-08T00:00:00",
"dateUpdated": "2024-08-06T13:03:27.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-7993
Vulnerability from cvelistv5
Published
2014-12-24 00:00
Modified
2024-08-06 13:03
Severity ?
EPSS score ?
Summary
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain sensitive credential information by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00302012.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=36797 | x_refsource_CONFIRM | |
| https://dashboard.meraki.com/firmware_security | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:03:27.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36797"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dashboard.meraki.com/firmware_security"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain sensitive credential information by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00302012."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-24T00:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36797"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dashboard.meraki.com/firmware_security"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-7993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain sensitive credential information by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00302012."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36797",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36797"
},
{
"name": "https://dashboard.meraki.com/firmware_security",
"refsource": "CONFIRM",
"url": "https://dashboard.meraki.com/firmware_security"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-7993",
"datePublished": "2014-12-24T00:00:00",
"dateReserved": "2014-10-08T00:00:00",
"dateUpdated": "2024-08-06T13:03:27.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-7994
Vulnerability from cvelistv5
Published
2014-12-24 00:00
Modified
2024-08-06 13:03
Severity ?
EPSS score ?
Summary
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to execute arbitrary commands by leveraging knowledge of a cross-device secret and a per-device secret, and sending a request to an unspecified HTTP handler on the local network, aka Cisco-Meraki defect ID 00301991.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=36798 | x_refsource_CONFIRM | |
| https://dashboard.meraki.com/firmware_security | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:03:27.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36798"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dashboard.meraki.com/firmware_security"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to execute arbitrary commands by leveraging knowledge of a cross-device secret and a per-device secret, and sending a request to an unspecified HTTP handler on the local network, aka Cisco-Meraki defect ID 00301991."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-24T00:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36798"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dashboard.meraki.com/firmware_security"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-7994",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to execute arbitrary commands by leveraging knowledge of a cross-device secret and a per-device secret, and sending a request to an unspecified HTTP handler on the local network, aka Cisco-Meraki defect ID 00301991."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36798",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36798"
},
{
"name": "https://dashboard.meraki.com/firmware_security",
"refsource": "CONFIRM",
"url": "https://dashboard.meraki.com/firmware_security"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-7994",
"datePublished": "2014-12-24T00:00:00",
"dateReserved": "2014-10-08T00:00:00",
"dateUpdated": "2024-08-06T13:03:27.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}