VDB
CVE-2015-6383
CVE-2015-6383
PUBLISHED
CVSS 7.199999809265137 HIGH
Cisco IOS XE 15.4(3)S on ASR 1000 devices improperly loads software packages, which allows local users to bypass license restrictions and obtain certain root privileges by using the CLI to enter crafted filenames, aka Bug ID CSCuv93130.
EPSS 0.09% · 25.3th percentile
Risk Scores
CVSS 2.0
7.199999809265137
EPSS Score
0.09%
25.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| cisco | ios_xe | 15.4\(3\)s |
Exploit Intelligence
- 78521 (circl)
- 1034277 (circl)
- 1034296 (circl)
- 20151130 Cisco ASR 1000 Series Root Shell License Bypass Vulnerability (circl)
Timeline
- Nov 30, 2015 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- 78521 vdb
- 1034277 vdb
- 1034296 vdb
- 20151130 Cisco ASR 1000 Series Root Shell License Bypass Vulnerability vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2015-6383 advisory