CVE-2015-4202Sensitive Information Exposure in Cisco IOS

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
0.4%
top 36.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedJun 20
Latest updateMay 17

Description

Cisco IOS 12.2SCH on uBR10000 router Cable Modem Termination Systems (CMTS) does not properly restrict access to the IP Detail Record (IPDR) service, which allows remote attackers to obtain potentially sensitive MAC address and network-utilization information via crafted IPDR packets, aka Bug ID CSCua39203.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDcisco/ios12.2\(33\)sch, 12.2sch+1

🔴Vulnerability Details

2
GHSA
GHSA-4mf4-pwvw-5252: Cisco IOS 122022-05-17
CVEList
CVE-2015-4202: Cisco IOS 122015-06-20

📋Vendor Advisories

1
Cisco
Cisco uBR10000 Series Universal Broadband Routers Information Disclosure Vulnerability2015-06-19
CVE-2015-4202 — Sensitive Information Exposure in Cisco | cvebase