CVE-2015-4225Cisco Nx-os vulnerability

CWE-2644 documents4 sources
Severity
4.0MEDIUMNVD
EPSS
0.3%
top 48.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Nx-os
Timeline
PublishedJun 27
Latest updateMay 17

Description

Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

NVDcisco/nx-os1.0\(1.110a\), 1.0\(1e\)+1

🔴Vulnerability Details

2
GHSA
GHSA-37rg-q6m8-6h7g: Cisco Application Policy Infrastructure Controller (APIC) 12022-05-17
CVEList
CVE-2015-4225: Cisco Application Policy Infrastructure Controller (APIC) 12015-06-27

📋Vendor Advisories

1
Cisco
Cisco Application Policy Infrastructure Controller Unauthorized Access Vulnerability2015-06-26
CVE-2015-4225 — Cisco Nx-os vulnerability | cvebase