var-201510-0015
Vulnerability from variot
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076. Cisco Application Policy Infrastructure Controller (APIC) Contains a privileged vulnerability. A local attacker may exploit this issue to gain elevated privileges on the affected system. This issue is being tracked by Cisco Bug ID CSCuw46076
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0015",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.1\\(1j\\)"
},
{
"model": "application policy infrastructure controller 1.1j",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "application policy infrastructure controller software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "1.1j"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06705"
},
{
"db": "BID",
"id": "77111"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005329"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-289"
},
{
"db": "NVD",
"id": "CVE-2015-6333"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:application_policy_infrastructure_controller_%28apic%29",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005329"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "77111"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6333",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2015-6333",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2015-06705",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-84294",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6333",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6333",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-06705",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-289",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84294",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06705"
},
{
"db": "VULHUB",
"id": "VHN-84294"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005329"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-289"
},
{
"db": "NVD",
"id": "CVE-2015-6333"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076. Cisco Application Policy Infrastructure Controller (APIC) Contains a privileged vulnerability. \nA local attacker may exploit this issue to gain elevated privileges on the affected system. \nThis issue is being tracked by Cisco Bug ID CSCuw46076",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6333"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005329"
},
{
"db": "CNVD",
"id": "CNVD-2015-06705"
},
{
"db": "BID",
"id": "77111"
},
{
"db": "VULHUB",
"id": "VHN-84294"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6333",
"trust": 3.4
},
{
"db": "SECTRACK",
"id": "1033793",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005329",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-289",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-06705",
"trust": 0.6
},
{
"db": "BID",
"id": "77111",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-84294",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06705"
},
{
"db": "VULHUB",
"id": "VHN-84294"
},
{
"db": "BID",
"id": "77111"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005329"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-289"
},
{
"db": "NVD",
"id": "CVE-2015-6333"
}
]
},
"id": "VAR-201510-0015",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06705"
},
{
"db": "VULHUB",
"id": "VHN-84294"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06705"
}
]
},
"last_update_date": "2024-11-23T21:54:50.487000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20151012-apic",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151012-apic"
},
{
"title": "Patch for Cisco Application Policy Infrastructure Controller Privilege Escalation Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/65529"
},
{
"title": "Cisco Application Policy Infrastructure Controller Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58137"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06705"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005329"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-289"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84294"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005329"
},
{
"db": "NVD",
"id": "CVE-2015-6333"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151012-apic"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033793"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6333"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6333"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06705"
},
{
"db": "VULHUB",
"id": "VHN-84294"
},
{
"db": "BID",
"id": "77111"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005329"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-289"
},
{
"db": "NVD",
"id": "CVE-2015-6333"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-06705"
},
{
"db": "VULHUB",
"id": "VHN-84294"
},
{
"db": "BID",
"id": "77111"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005329"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-289"
},
{
"db": "NVD",
"id": "CVE-2015-6333"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-06705"
},
{
"date": "2015-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-84294"
},
{
"date": "2015-10-12T00:00:00",
"db": "BID",
"id": "77111"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005329"
},
{
"date": "2015-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-289"
},
{
"date": "2015-10-16T01:59:05.857000",
"db": "NVD",
"id": "CVE-2015-6333"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-06705"
},
{
"date": "2016-12-09T00:00:00",
"db": "VULHUB",
"id": "VHN-84294"
},
{
"date": "2015-10-12T00:00:00",
"db": "BID",
"id": "77111"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005329"
},
{
"date": "2015-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-289"
},
{
"date": "2024-11-21T02:34:48.447000",
"db": "NVD",
"id": "CVE-2015-6333"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "77111"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-289"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Application Policy Infrastructure Controller Vulnerability gained in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005329"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-289"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.