mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
279 lines
11 KiB
JSON
279 lines
11 KiB
JSON
{
|
|
"id": "CVE-2015-6319",
|
|
"sourceIdentifier": "ykramarz@cisco.com",
|
|
"published": "2016-01-27T22:59:00.100",
|
|
"lastModified": "2016-12-07T18:19:27.077",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "SQL injection vulnerability in the web-based management interface on Cisco RV220W devices allows remote attackers to execute arbitrary SQL commands via a crafted header in an HTTP request, aka Bug ID CSCuv29574."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de inyecci\u00f3n SQL en la interfaz de gesti\u00f3n basada en web en dispositivos Cisco RV220W permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s de una cabecera manipulada en una petici\u00f3n HTTP, tambi\u00e9n conocida como Bug ID CSCuv29574."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV30": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.0",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 9.8,
|
|
"baseSeverity": "CRITICAL"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 5.9
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 10.0
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": true,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-89"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv016_multi-wan_vpn_router:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "217831DB-FC07-443B-B969-2513ACE0C0AA"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv042_dual_wan_vpn_router:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "87905EBD-2C32-41C7-933E-168B1A5941F2"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv042g_dual_gigabit_wan_vpn_router:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0008DDD6-A6A5-46A2-B9A0-1DC807E29E02"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv082_dual_wan_vpn_router:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "37F1D3C2-8CD6-416D-80C2-3ECBB941DA55"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv110w_wireless-n_vpn_firewall:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F95AABA7-ADCF-474B-A1AD-E55EFC09CF2A"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv120w_wireless-n_vpn_firewall:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B3562EAC-7DD9-4D7E-8A54-577FAEDFD42B"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv130_vpn_router:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0A7C79FC-EC93-4832-85EC-E7D5672A7DF4"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv130w_wireless-n_multifunction_vpn_router:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4993AC7B-5E6F-4DB5-90D8-3181148BC7B0"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv180_vpn_router:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8C656EE6-510D-4530-947E-6C1DE46EBC68"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv180w_wireless-n_multifunction_vpn_router:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8A68C4AD-0FB1-45FE-BD04-C3DC8A716F3F"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv215w_wireless-n_vpn_router:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "175F8546-DBBB-4C34-9B9A-A39A6E70F2AF"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv220w_wireless_network_security_firewall:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5DD07AB5-E9DA-463F-B017-7A10FD8C2878"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv320_dual_gigabit_wan_vpn_router:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "40BE4E08-761E-44B1-923C-8CAF3EA1B812"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv320_dual_gigabit_wan_wf_vpn_router:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "22E350F7-5E72-4749-BBFE-021A3B838105"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv325_dual_gigabit_wan_wf_vpn_router:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DE38F76A-20EB-4A00-A84D-F5F262E7A1AD"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rv325_dual_wan_gigabit_vpn_router:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "57228295-609D-4939-9FEF-71EFE6FFEAB6"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rvl200_4-port_ssl_ipsec_vpn_router:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F4558947-E413-4283-959A-B7C854BCECE6"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:rvs4000_4-port_gigabit_security_router_-_vpn:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "54D7930A-EC68-4518-BA88-529A3D4F0919"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:wrv200_wireless-g_vpn_router_-_rangebooster:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D22C7E67-0F47-416F-80A5-D218C655D275"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:wrv210_wireless-g_vpn_router_-_rangebooster:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7618CAE2-22D2-44B1-8FE8-F29101B62D57"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:wrvs4400n_wireless-n_gigabit_security_router_-_vpn_v2.0:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D0954EAD-6830-499E-BCE7-4F0FE1DDFE24"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "82E9DB28-1575-415C-BE18-9ADFD6BA66D5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.0.30:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1AE98C62-84E0-435F-A376-984B1819B94C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.1.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EBC77F08-1A4A-46AC-8359-5B20BAA9989B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.2.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FE637ED7-943B-45A3-A0B3-EEAE02A96693"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.3.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AA64F9F9-6843-4A74-8DC4-692B8A7E8394"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.4.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "95D5F5BE-8A32-415A-A686-5221C42EFD8B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.4.14:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DCCDA0D3-AF8C-4EC2-8DC8-64322452C697"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.5.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CF064F34-25A3-474E-BCA8-BC135FA4B834"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.5.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1DEC997B-96CF-43E6-98C8-D6E469CA471D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.6.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9B6AD360-866C-4E63-BA54-EAF697560D07"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.1.0.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A0B5DF7C-99D2-4CF9-A0AD-8D6BE5780CA7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.2.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F60788C6-2130-4561-B1C8-72B138F2E9B7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:sun:opensolaris:snv_124:*:sparc:*:*:*:*:*",
|
|
"matchCriteriaId": "09B35C0E-6CBA-4B6B-BCD2-F5CC0BF8CF53"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220",
|
|
"source": "ykramarz@cisco.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id/1034830",
|
|
"source": "ykramarz@cisco.com"
|
|
}
|
|
]
|
|
} |