CVE-2015-6424

CWE-2555 documents5 sources

Severity

7.2HIGH

EPSS

0.1%

top 74.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Application Policy Infrastructure Controller

Timeline

PublishedDec 18

Latest updateMay 17

Description

The boot manager in Cisco Application Policy Infrastructure Controller (APIC) 1.1(0.920a) allows local users to bypass intended access restrictions and obtain single-user-mode root access via unspecified vectors, aka Bug ID CSCuu83985.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDcisco/application_policy_infrastructure_controller1.1\(0.920a\)

🔴Vulnerability Details

GHSA

GHSA-xgmj-8cq2-4f7j: The boot manager in Cisco Application Policy Infrastructure Controller (APIC) 1↗2022-05-17

▶

CVEList

CVE-2015-6424: The boot manager in Cisco Application Policy Infrastructure Controller (APIC) 1↗2015-12-18

▶

OSV

xorg-server, xorg-server-lts-trusty, xorg-server-lts-utopic vulnerabilities↗2015-02-17

▶

📋Vendor Advisories

Cisco

Cisco Application Policy Infrastructure Controller Insecure Credentials Vulnerability↗2015-12-16

▶