CVE-2015-6412

{"id": "CVE-2015-6412", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2016-01-22T11:59:00.130", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-d9036", "tags": ["Vendor Advisory"], "source": "psirt@cisco.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-d9036", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-255"}]}], "descriptions": [{"lang": "en", "value": "Cisco Modular Encoding Platform D9036 Software before 02.04.70 has hardcoded (1) root and (2) guest passwords, which makes it easier for remote attackers to obtain access via an SSH session, aka Bug ID CSCut88070."}, {"lang": "es", "value": "Cisco Modular Encoding Platform D9036 Software en versiones anteriores a 02.04.70 tiene contrase\u00f1as embebidas de (1) root y (2) guest, lo que hace m\u00e1s f\u00e1cil para atacantes remotos obtener acceso a trav\u00e9s de una sesi\u00f3n SSH, tambi\u00e9n conocido como Bug ID CSCut88070."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:modular_encoding_platform_d9036_software:02.00.80:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A51B3DD6-C241-49F9-B2BE-987A5E505695"}, {"criteria": "cpe:2.3:o:cisco:modular_encoding_platform_d9036_software:02.01.50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52D08AA9-DA96-4962-9422-8114FE10D5EF"}, {"criteria": "cpe:2.3:o:cisco:modular_encoding_platform_d9036_software:02.02.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "898F1F87-3FE7-43A2-A8F0-82148DB13C15"}, {"criteria": "cpe:2.3:o:cisco:modular_encoding_platform_d9036_software:02.03.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FC95B56-7955-4415-8384-1CF08F969B85"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:modular_encoding_platform_d9036:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "22C700EE-D1E5-4A8B-87D0-DBD645D6444B"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@cisco.com"}