var-201506-0312
Vulnerability from variot
Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) allow local users to execute arbitrary OS commands in a privileged context via crafted CLI commands, aka Bug ID CSCuj39474. OS A command execution vulnerability exists. The product provides security policy, intrusion detection and other functions in the wireless LAN. A security vulnerability exists in Cisco WLC devices that use version 7.0 (240.0) software. Successful exploits may compromise the affected device. This issue being tracked by Cisco Bug ID CSCuj39474
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201506-0312",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(240.0\\)"
},
{
"model": "wireless lan controller software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.0(240.0)"
},
{
"model": "wireless lan controller devices with software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.0(240.0)"
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0(240.0)"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04193"
},
{
"db": "BID",
"id": "75415"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003289"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-576"
},
{
"db": "NVD",
"id": "CVE-2015-4224"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:wireless_lan_controller_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003289"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "75415"
}
],
"trust": 0.3
},
"cve": "CVE-2015-4224",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2015-4224",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "CNVD-2015-04193",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-82185",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-4224",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-4224",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2015-04193",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-576",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-82185",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04193"
},
{
"db": "VULHUB",
"id": "VHN-82185"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003289"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-576"
},
{
"db": "NVD",
"id": "CVE-2015-4224"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) allow local users to execute arbitrary OS commands in a privileged context via crafted CLI commands, aka Bug ID CSCuj39474. OS A command execution vulnerability exists. The product provides security policy, intrusion detection and other functions in the wireless LAN. A security vulnerability exists in Cisco WLC devices that use version 7.0 (240.0) software. Successful exploits may compromise the affected device. \nThis issue being tracked by Cisco Bug ID CSCuj39474",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4224"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003289"
},
{
"db": "CNVD",
"id": "CNVD-2015-04193"
},
{
"db": "BID",
"id": "75415"
},
{
"db": "VULHUB",
"id": "VHN-82185"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-4224",
"trust": 3.4
},
{
"db": "BID",
"id": "75415",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032728",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003289",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201506-576",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-04193",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-82185",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04193"
},
{
"db": "VULHUB",
"id": "VHN-82185"
},
{
"db": "BID",
"id": "75415"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003289"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-576"
},
{
"db": "NVD",
"id": "CVE-2015-4224"
}
]
},
"id": "VAR-201506-0312",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04193"
},
{
"db": "VULHUB",
"id": "VHN-82185"
}
],
"trust": 1.46715547
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04193"
}
]
},
"last_update_date": "2024-11-23T22:13:29.125000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "39517",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39517"
},
{
"title": "Cisco Wireless LAN Controller devices with software patch for any operating system command execution vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/60304"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04193"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003289"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-82185"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003289"
},
{
"db": "NVD",
"id": "CVE-2015-4224"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39517"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/75415"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032728"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4224"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4224"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04193"
},
{
"db": "VULHUB",
"id": "VHN-82185"
},
{
"db": "BID",
"id": "75415"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003289"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-576"
},
{
"db": "NVD",
"id": "CVE-2015-4224"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-04193"
},
{
"db": "VULHUB",
"id": "VHN-82185"
},
{
"db": "BID",
"id": "75415"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003289"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-576"
},
{
"db": "NVD",
"id": "CVE-2015-4224"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-07-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-04193"
},
{
"date": "2015-06-26T00:00:00",
"db": "VULHUB",
"id": "VHN-82185"
},
{
"date": "2015-06-25T00:00:00",
"db": "BID",
"id": "75415"
},
{
"date": "2015-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003289"
},
{
"date": "2015-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-576"
},
{
"date": "2015-06-26T10:59:07.123000",
"db": "NVD",
"id": "CVE-2015-4224"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-07-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-04193"
},
{
"date": "2016-12-28T00:00:00",
"db": "VULHUB",
"id": "VHN-82185"
},
{
"date": "2015-06-25T00:00:00",
"db": "BID",
"id": "75415"
},
{
"date": "2015-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003289"
},
{
"date": "2015-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-576"
},
{
"date": "2024-11-21T02:30:40.060000",
"db": "NVD",
"id": "CVE-2015-4224"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "75415"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-576"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Wireless LAN Controller Any within a privileged context in the device software OS Command execution vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003289"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-576"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…