CVE-2015-6479
published 2016-04-21CVE-2015-6479: ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote attackers to read the…
PriorityP418medium4.3CVSS 3.1
AVNACLPRNUIRSUCLINAN
EPSS
1.54%
71.8th percentile
ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote attackers to read the filteredlogs.txt file, and consequently discover potentially sensitive boot-sequence information, via unspecified vectors.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sierrawireless | aleos | <= 4.4.2 | — |
CVSS provenance
nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-vjr8-x7xw-4627: ACEmanager in Sierra Wireless ALEOS 4
ghsa_unreviewed·2022-05-13
CVE-2015-6479 [MEDIUM] GHSA-vjr8-x7xw-4627: ACEmanager in Sierra Wireless ALEOS 4
ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote attackers to read the filteredlogs.txt file, and consequently discover potentially sensitive boot-sequence information, via unspecified vectors.
CISA ICS
Sierra Wireless ACEmanager Information Exposure Vulnerability
cisa_ics·2018-08-23
Sierra Wireless ACEmanager Information Exposure Vulnerability
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Sierra Wireless ACEmanager Information Exposure Vulnerability
Last RevisedAugust 23, 2018
Alert CodeICSA-16-105-01
## OVERVIEW
Independent researcher Maxim Rupp has identified an exposure of sensitive information vulnerability in the Sierra Wireless ACEmanager application. Sierra Wireless has produced a new version to mitigate this vulnerability.
This vulnerability could be exploited remotely.
## AFFECTED PRODUCTS
The following Sierra Wireless versions are affected:
- LS300 running ALEOS 4.4.2 and earlier,
- GX400 running ALEOS 4.4.2 and earlier,
- GX440 running ALEOS 4.4.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2016-04-21
Published