CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-6385

The publish-event event-manager feature in Cisco IOS 15.5(2)S and 15.5(3)S on Cloud Services Router 1000V devices allows local users to execute arbitrary commands with root privileges by leveraging administrative access to enter crafted environment variables, aka Bug ID CSCux14943.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.8%

CVSS Severity

CVSS v2 Score 7.2

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-csr
http://www.securitytracker.com/id/1034274
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-csr
http://www.securitytracker.com/id/1034274

Products affected by CVE-2015-6385

Cisco » Ios » Version: 15.5(2)s

cpe:2.3:o:cisco:ios:15.5(2)s
Cisco » Ios » Version: 15.5(3)s

cpe:2.3:o:cisco:ios:15.5(3)s

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6385

Products

Pricing

Contact Us