CVE-2015-6375

Published: 21/11/2015 Updated: 28/11/2016

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

A vulnerability in the debug logging function of Cisco Networking Services (CNS) used for configuring Cisco IOS networking devices could allow an authenticated, local malicious user to disclose sensitive data. The vulnerability is due to insufficient protections of sensitive data at rest. An attacker could exploit this vulnerability by accessing a specific file and reading the sensitive information. Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151120-ns

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios 15.2(2)e3

A vulnerability in the debug logging function of Cisco Networking Services (CNS) used for configuring Cisco IOS networking devices could allow an authenticated, local attacker to disclose sensitive data The vulnerability is due to insufficient protections of sensitive data at rest An attacker could exploit this vulnerability by accessing a spec ...

CWE-200 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151120-ns http://www.securityfocus.com/bid/77676 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151120-ns

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-6375

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect