cvelistv5 - cve-2015-6314

CVE-2015-6314 (GCVE-0-2015-6314)

Vulnerability from cvelistv5 – Published: 2016-01-15 02:00 – Updated: 2024-08-06 07:15

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO
	http://www.securitytracker.com/id/1034665	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:15:13.312Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20160113 Cisco Wireless LAN Controller Unauthorized Access Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc"
          },
          {
            "name": "1034665",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034665"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-05T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20160113 Cisco Wireless LAN Controller Unauthorized Access Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc"
        },
        {
          "name": "1034665",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034665"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-6314",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20160113 Cisco Wireless LAN Controller Unauthorized Access Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc"
            },
            {
              "name": "1034665",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034665"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2015-6314",
    "datePublished": "2016-01-15T02:00:00",
    "dateReserved": "2015-08-17T00:00:00",
    "dateUpdated": "2024-08-06T07:15:13.312Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:wireless_lan_controller_software:8.0.72.140:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7FFA694-78D1-48A6-BFAC-EB101A636AC3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:wireless_lan_controller_software:8.0_base:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C09ED8EE-585B-4F50-904E-80FCFE5C42FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25C3A2CC-0866-464E-A7EA-8D34F5546850\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.104.37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30BE3919-8BA7-479B-8029-C5E60D389DCF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.111.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BF67858-F727-4B8A-98B4-96A20FD02022\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.122.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66817152-8AB3-47A3-8803-FF1B5D8EDDE6\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153.\"}, {\"lang\": \"es\", \"value\": \"Dispositivos Cisco Wireless LAN Controller (WLC) con software 7.6.x, 8.0 en versiones anteriores a 8.0.121.0 y 8.1 en versiones anteriores a 8.1.131.0 permiten a atacantes remotos cambiar los ajustes de configuraci\\u00f3n a trav\\u00e9s de vectores no especificados, tambi\\u00e9n conocido como Bug ID CSCuw06153.\"}]",
      "id": "CVE-2015-6314",
      "lastModified": "2024-11-21T02:34:45.787",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false}]}",
      "published": "2016-01-15T03:59:05.153",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1034665\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1034665\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-6314\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2016-01-15T03:59:05.153\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153.\"},{\"lang\":\"es\",\"value\":\"Dispositivos Cisco Wireless LAN Controller (WLC) con software 7.6.x, 8.0 en versiones anteriores a 8.0.121.0 y 8.1 en versiones anteriores a 8.1.131.0 permiten a atacantes remotos cambiar los ajustes de configuraci\u00f3n a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCuw06153.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:wireless_lan_controller_software:8.0.72.140:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7FFA694-78D1-48A6-BFAC-EB101A636AC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:wireless_lan_controller_software:8.0_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C09ED8EE-585B-4F50-904E-80FCFE5C42FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25C3A2CC-0866-464E-A7EA-8D34F5546850\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.104.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30BE3919-8BA7-479B-8029-C5E60D389DCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.111.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BF67858-F727-4B8A-98B4-96A20FD02022\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.122.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66817152-8AB3-47A3-8803-FF1B5D8EDDE6\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1034665\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1034665\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GHSA-XG4P-HRWG-FQJ6

Vulnerability from github – Published: 2022-05-13 01:10 – Updated: 2022-05-13 01:10

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-6314"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-01-15T03:59:00Z",
    "severity": "CRITICAL"
  },
  "details": "Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153.",
  "id": "GHSA-xg4p-hrwg-fqj6",
  "modified": "2022-05-13T01:10:47Z",
  "published": "2022-05-13T01:10:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6314"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1034665"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2015-6314

Vulnerability from fkie_nvd - Published: 2016-01-15 03:59 - Updated: 2025-04-12 10:46

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc	Vendor Advisory
psirt@cisco.com	http://www.securitytracker.com/id/1034665
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034665

Impacted products

Vendor	Product	Version
cisco	wireless_lan_controller_software	8.0.72.140
cisco	wireless_lan_controller_software	8.0_base
cisco	wireless_lan_controller_software	8.1.0
cisco	wireless_lan_controller_software	8.1.104.37
cisco	wireless_lan_controller_software	8.1.111.0
cisco	wireless_lan_controller_software	8.1.122.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.0.72.140:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7FFA694-78D1-48A6-BFAC-EB101A636AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.0_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "C09ED8EE-585B-4F50-904E-80FCFE5C42FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C3A2CC-0866-464E-A7EA-8D34F5546850",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.104.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "30BE3919-8BA7-479B-8029-C5E60D389DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.111.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BF67858-F727-4B8A-98B4-96A20FD02022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.122.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "66817152-8AB3-47A3-8803-FF1B5D8EDDE6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153."
    },
    {
      "lang": "es",
      "value": "Dispositivos Cisco Wireless LAN Controller (WLC) con software 7.6.x, 8.0 en versiones anteriores a 8.0.121.0 y 8.1 en versiones anteriores a 8.1.131.0 permiten a atacantes remotos cambiar los ajustes de configuraci\u00f3n a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCuw06153."
    }
  ],
  "id": "CVE-2015-6314",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-01-15T03:59:05.153",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1034665"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034665"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2016-00370

Vulnerability from cnvd - Published: 2016-01-20

Title

Cisco Wireless LAN Controller未授权访问漏洞

Description

Cisco WLC 负责全系统的无线LAN功能，例如安全策略、入侵保护、RF管理，服务质量和移动性。 Cisco Wireless LAN Controller (WLC)软件存在未授权访问漏洞，可使未经身份验证的远程攻击者利用此漏洞修改设备的配置。

Severity

高

Patch Name

Cisco Wireless LAN Controller未授权访问漏洞的补丁

Patch Description

Cisco WLC 负责全系统的无线LAN功能，例如安全策略、入侵保护、RF管理，服务质量和移动性。 Cisco Wireless LAN Controller (WLC)软件存在未授权访问漏洞，可使未经身份验证的远程攻击者利用此漏洞修改设备的配置。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布升级补丁/版本以修复这个安全问题，请用户及时下载更新： http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc

Reference

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6314

Impacted products

Name
['Cisco Wireless LAN Controller (WLC) 7.6.x', 'Cisco Wireless LAN Controller (WLC) 8.0(<8.0.121.0)', 'Cisco Wireless LAN Controller (WLC) 8.1(< 8.1.131.0)']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-6314"
    }
  },
  "description": "Cisco WLC \u8d1f\u8d23\u5168\u7cfb\u7edf\u7684\u65e0\u7ebfLAN\u529f\u80fd\uff0c\u4f8b\u5982\u5b89\u5168\u7b56\u7565\u3001\u5165\u4fb5\u4fdd\u62a4\u3001RF\u7ba1\u7406\uff0c\u670d\u52a1\u8d28\u91cf\u548c\u79fb\u52a8\u6027\u3002\r\n\r\nCisco Wireless LAN Controller (WLC)\u8f6f\u4ef6\u5b58\u5728\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u53ef\u4f7f\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u4fee\u6539\u8bbe\u5907\u7684\u914d\u7f6e\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u5347\u7ea7\u8865\u4e01/\u7248\u672c\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u7528\u6237\u53ca\u65f6\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-00370",
  "openTime": "2016-01-20",
  "patchDescription": "Cisco WLC \u8d1f\u8d23\u5168\u7cfb\u7edf\u7684\u65e0\u7ebfLAN\u529f\u80fd\uff0c\u4f8b\u5982\u5b89\u5168\u7b56\u7565\u3001\u5165\u4fb5\u4fdd\u62a4\u3001RF\u7ba1\u7406\uff0c\u670d\u52a1\u8d28\u91cf\u548c\u79fb\u52a8\u6027\u3002\r\n\r\nCisco Wireless LAN Controller (WLC)\u8f6f\u4ef6\u5b58\u5728\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u53ef\u4f7f\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u4fee\u6539\u8bbe\u5907\u7684\u914d\u7f6e\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Wireless LAN Controller\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Wireless LAN Controller (WLC) 7.6.x",
      "Cisco Wireless LAN Controller (WLC) 8.0(\u003c8.0.121.0)",
      "Cisco Wireless LAN Controller (WLC) 8.1(\u003c 8.1.131.0)"
    ]
  },
  "referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6314",
  "serverity": "\u9ad8",
  "submitTime": "2016-01-14",
  "title": "Cisco Wireless LAN Controller\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e"
}

VAR-201601-0001

Vulnerability from variot - Updated: 2023-12-18 13:24

Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153. Vendors have confirmed this vulnerability Bug ID CSCuw06153 It is released as.The configuration settings may be changed by a third party. The Cisco WLC is responsible for system-wide wireless LAN functions such as security policy, intrusion protection, RF management, quality of service, and mobility. This may allow an attacker to take complete control of the device. This issue is being tracked by Cisco Bug ID CSCuw06153. The following versions are affected: Cisco WLC 7.6.120.0 and above, 8.0 and above, 8.1 and above

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201601-0001",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.1.104.37"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.1.111.0"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.0_base"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.1.0"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.0.72.140"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.1.122.0"
      },
      {
        "model": "wireless lan controller software",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "8.1"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "8.0.121.0"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "7.6.x"
      },
      {
        "model": "wireless lan controller software",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "8.0"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "8.1.131.0"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "7.6.x"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "8.0(\u003c8.0.121.0)"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "8.1(\u003c8.1.131.0)"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "7.6.120.0"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "8.0.115.0"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "8.0.120.0"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "8.0.100"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "7.6.130.0"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.1"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6.120.0"
      },
      {
        "model": "wireless lan controller",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.1.131.0"
      },
      {
        "model": "wireless lan controller",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.121.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00370"
      },
      {
        "db": "BID",
        "id": "80499"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006807"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6314"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-261"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.0_base:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.104.37:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.122.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.111.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.0.72.140:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-6314"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "80499"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-261"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2015-6314",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2015-6314",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2016-00370",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-84275",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2015-6314",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2015-6314",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-00370",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201601-261",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-84275",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2015-6314",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00370"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84275"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6314"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006807"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6314"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-261"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153. Vendors have confirmed this vulnerability Bug ID CSCuw06153 It is released as.The configuration settings may be changed by a third party. The Cisco WLC is responsible for system-wide wireless LAN functions such as security policy, intrusion protection, RF management, quality of service, and mobility. This may allow an attacker to take complete control of the device. \nThis issue is being tracked by Cisco Bug ID CSCuw06153. The following versions are affected: Cisco WLC 7.6.120.0 and above, 8.0 and above, 8.1 and above",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-6314"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006807"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00370"
      },
      {
        "db": "BID",
        "id": "80499"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84275"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6314"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-6314",
        "trust": 3.5
      },
      {
        "db": "SECTRACK",
        "id": "1034665",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006807",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-261",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00370",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "80499",
        "trust": 0.5
      },
      {
        "db": "VULHUB",
        "id": "VHN-84275",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6314",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00370"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84275"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6314"
      },
      {
        "db": "BID",
        "id": "80499"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006807"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6314"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-261"
      }
    ]
  },
  "id": "VAR-201601-0001",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00370"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84275"
      }
    ],
    "trust": 1.2126263
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00370"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:24:40.078000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20160113-wlc",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160113-wlc"
      },
      {
        "title": "CiscoWirelessLANController is not authorized to access the patch for the vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/70263"
      },
      {
        "title": "Cisco Wireless LAN Controller Remediation measures for authorization problem vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=59603"
      },
      {
        "title": "The Register",
        "trust": 0.2,
        "url": "https://www.theregister.co.uk/2016/01/13/cisco_admins_gear_up_for_a_late_night/"
      },
      {
        "title": "Cisco: Cisco Wireless LAN Controller Unauthorized Access Vulnerability",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160113-wlc"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00370"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6314"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006807"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-261"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84275"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006807"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6314"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160113-wlc"
      },
      {
        "trust": 1.8,
        "url": "http://www.securitytracker.com/id/1034665"
      },
      {
        "trust": 1.4,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6314"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6314"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/287.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.securityfocus.com/bid/80499"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00370"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84275"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6314"
      },
      {
        "db": "BID",
        "id": "80499"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006807"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6314"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-261"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00370"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84275"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6314"
      },
      {
        "db": "BID",
        "id": "80499"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006807"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6314"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-261"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-01-20T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-00370"
      },
      {
        "date": "2016-01-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-84275"
      },
      {
        "date": "2016-01-15T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-6314"
      },
      {
        "date": "2016-01-13T00:00:00",
        "db": "BID",
        "id": "80499"
      },
      {
        "date": "2016-01-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-006807"
      },
      {
        "date": "2016-01-15T03:59:05.153000",
        "db": "NVD",
        "id": "CVE-2015-6314"
      },
      {
        "date": "2016-01-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201601-261"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-01-20T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-00370"
      },
      {
        "date": "2016-12-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-84275"
      },
      {
        "date": "2021-04-16T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-6314"
      },
      {
        "date": "2016-01-13T00:00:00",
        "db": "BID",
        "id": "80499"
      },
      {
        "date": "2016-01-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-006807"
      },
      {
        "date": "2021-04-16T17:26:41.950000",
        "db": "NVD",
        "id": "CVE-2015-6314"
      },
      {
        "date": "2021-04-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201601-261"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-261"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Wireless LAN Controller Vulnerability in changing configuration settings in device software",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006807"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-261"
      }
    ],
    "trust": 0.6
  }
}

CERTFR-2016-AVI-021

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Cisco. Elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Contrôleurs sans fil Cisco séries 2500
Cisco	N/A	Contrôleurs sans fil Cisco virtuels
Cisco	N/A	Contrôleurs sans fil Cisco Flex séries 7500
Cisco	N/A	points d'accès Cisco Aironet séries 1830i
Cisco	N/A	points d'accès Cisco Aironet séries 1850e
Cisco	N/A	Cisco ISE versions 1.3 antérieures au patch 5
Cisco	N/A	Contrôleurs sans fil Cisco séries 8500
Cisco	N/A	Cisco ISE versions 1.4 antérieures au patch 4
Cisco	N/A	Contrôleurs sans fil Cisco séries 5500
Cisco	N/A	points d'accès Cisco Aironet séries 1850i
Cisco	N/A	Cisco ISE versions 1.2 antérieures au patch 17
Cisco	N/A	Cisco ISE version 1.1
Cisco	N/A	Cisco ISE versions 1.2.1 antérieures au patch 8
Cisco	N/A	Cisco ISE antéreur à la version 2.0
Cisco	N/A	points d'accès Cisco Aironet séries 1830e

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20160113-aironet du 13 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160113-wlc du 13 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160113-ise du 13 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160113-ise2 du 13 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160113-air du 13 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160113-aironet du 13 janvier 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160113-ise du 13 janvier 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160113-wlc du 13 janvier 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160113-air du 13 janvier 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160113-ise2 du 13 janvier 2016	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Contr\u00f4leurs sans fil Cisco s\u00e9ries 2500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Contr\u00f4leurs sans fil Cisco virtuels",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Contr\u00f4leurs sans fil Cisco Flex s\u00e9ries 7500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "points d\u0027acc\u00e8s Cisco Aironet s\u00e9ries 1830i",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "points d\u0027acc\u00e8s Cisco Aironet s\u00e9ries 1850e",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ISE versions 1.3 ant\u00e9rieures au patch 5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Contr\u00f4leurs sans fil Cisco s\u00e9ries 8500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ISE versions 1.4 ant\u00e9rieures au patch 4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Contr\u00f4leurs sans fil Cisco s\u00e9ries 5500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "points d\u0027acc\u00e8s Cisco Aironet s\u00e9ries 1850i",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ISE versions 1.2 ant\u00e9rieures au patch 17",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ISE version 1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ISE versions 1.2.1 ant\u00e9rieures au patch 8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ISE ant\u00e9reur \u00e0 la version 2.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "points d\u0027acc\u00e8s Cisco Aironet s\u00e9ries 1830e",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-6317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6317"
    },
    {
      "name": "CVE-2015-6314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6314"
    },
    {
      "name": "CVE-2015-6320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6320"
    },
    {
      "name": "CVE-2015-6323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6323"
    },
    {
      "name": "CVE-2015-6336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6336"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-aironet du 13    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-aironet"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-ise du 13    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-wlc du 13    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-air du 13    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-air"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-ise2 du 13    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise2"
    }
  ],
  "reference": "CERTFR-2016-AVI-021",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-01-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Cisco\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance, un contournement\nde la politique de s\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-aironet du 13 janvier 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-wlc du 13 janvier 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-ise du 13 janvier 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-ise2 du 13 janvier 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-air du 13 janvier 2016",
      "url": null
    }
  ]
}

CERTFR-2016-AVI-021

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Contrôleurs sans fil Cisco séries 2500
Cisco	N/A	Contrôleurs sans fil Cisco virtuels
Cisco	N/A	Contrôleurs sans fil Cisco Flex séries 7500
Cisco	N/A	points d'accès Cisco Aironet séries 1830i
Cisco	N/A	points d'accès Cisco Aironet séries 1850e
Cisco	N/A	Cisco ISE versions 1.3 antérieures au patch 5
Cisco	N/A	Contrôleurs sans fil Cisco séries 8500
Cisco	N/A	Cisco ISE versions 1.4 antérieures au patch 4
Cisco	N/A	Contrôleurs sans fil Cisco séries 5500
Cisco	N/A	points d'accès Cisco Aironet séries 1850i
Cisco	N/A	Cisco ISE versions 1.2 antérieures au patch 17
Cisco	N/A	Cisco ISE version 1.1
Cisco	N/A	Cisco ISE versions 1.2.1 antérieures au patch 8
Cisco	N/A	Cisco ISE antéreur à la version 2.0
Cisco	N/A	points d'accès Cisco Aironet séries 1830e

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20160113-aironet du 13 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160113-wlc du 13 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160113-ise du 13 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160113-ise2 du 13 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160113-air du 13 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160113-aironet du 13 janvier 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160113-ise du 13 janvier 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160113-wlc du 13 janvier 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160113-air du 13 janvier 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160113-ise2 du 13 janvier 2016	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Contr\u00f4leurs sans fil Cisco s\u00e9ries 2500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Contr\u00f4leurs sans fil Cisco virtuels",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Contr\u00f4leurs sans fil Cisco Flex s\u00e9ries 7500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "points d\u0027acc\u00e8s Cisco Aironet s\u00e9ries 1830i",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "points d\u0027acc\u00e8s Cisco Aironet s\u00e9ries 1850e",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ISE versions 1.3 ant\u00e9rieures au patch 5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Contr\u00f4leurs sans fil Cisco s\u00e9ries 8500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ISE versions 1.4 ant\u00e9rieures au patch 4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Contr\u00f4leurs sans fil Cisco s\u00e9ries 5500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "points d\u0027acc\u00e8s Cisco Aironet s\u00e9ries 1850i",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ISE versions 1.2 ant\u00e9rieures au patch 17",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ISE version 1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ISE versions 1.2.1 ant\u00e9rieures au patch 8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ISE ant\u00e9reur \u00e0 la version 2.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "points d\u0027acc\u00e8s Cisco Aironet s\u00e9ries 1830e",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-6317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6317"
    },
    {
      "name": "CVE-2015-6314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6314"
    },
    {
      "name": "CVE-2015-6320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6320"
    },
    {
      "name": "CVE-2015-6323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6323"
    },
    {
      "name": "CVE-2015-6336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6336"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-aironet du 13    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-aironet"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-ise du 13    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-wlc du 13    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-air du 13    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-air"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-ise2 du 13    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise2"
    }
  ],
  "reference": "CERTFR-2016-AVI-021",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-01-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Cisco\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance, un contournement\nde la politique de s\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-aironet du 13 janvier 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-wlc du 13 janvier 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-ise du 13 janvier 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-ise2 du 13 janvier 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160113-air du 13 janvier 2016",
      "url": null
    }
  ]
}

GSD-2015-6314

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2015-6314

Aliases

CVE-2015-6314

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-6314",
    "description": "Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153.",
    "id": "GSD-2015-6314"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-6314"
      ],
      "details": "Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153.",
      "id": "GSD-2015-6314",
      "modified": "2023-12-13T01:20:04.293531Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2015-6314",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20160113 Cisco Wireless LAN Controller Unauthorized Access Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc"
          },
          {
            "name": "1034665",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1034665"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.0_base:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.104.37:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.122.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.1.111.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:wireless_lan_controller_software:8.0.72.140:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-6314"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20160113 Cisco Wireless LAN Controller Unauthorized Access Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc"
            },
            {
              "name": "1034665",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1034665"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH"
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-04-16T17:26Z",
      "publishedDate": "2016-01-15T03:59Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-6314 (GCVE-0-2015-6314)

GHSA-XG4P-HRWG-FQJ6

FKIE_CVE-2015-6314

CNVD-2016-00370

VAR-201601-0001

CERTFR-2016-AVI-021

Solution

CERTFR-2016-AVI-021

Solution

GSD-2015-6314

Tags

Sightings

Nomenclature