ID
VAR-201505-0129
CVE
CVE-2015-0701
TITLE
Cisco Unified Computing System Central Software Arbitrary Command Execution Vulnerability
Trust: 1.1
sources:
BID: 74491 //
JVNDB: JVNDB-2015-002540
DESCRIPTION
Cisco UCS Central Software before 1.3(1a) allows remote attackers to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCut46961. An attacker can exploit this issue to execute system commands on the underlying operating system. This issue being tracked by Cisco Bug ID CSCut46961
Trust: 1.98
sources:
NVD: CVE-2015-0701 //
JVNDB: JVNDB-2015-002540 //
BID: 74491 //
VULHUB: VHN-78647
AFFECTED PRODUCTS
| vendor: | cisco | model: | unified computing system central software | scope: | eq | version: | 1.1_base | Trust: 1.6 |
| vendor: | cisco | model: | unified computing system central software | scope: | eq | version: | 1.2\(1e\) | Trust: 1.6 |
| vendor: | cisco | model: | unified computing system central software | scope: | eq | version: | 1.2\(1f\) | Trust: 1.6 |
| vendor: | cisco | model: | unified computing system central software | scope: | eq | version: | 1.0_base | Trust: 1.6 |
| vendor: | cisco | model: | unified computing system central software | scope: | eq | version: | 1.2\(1a\) | Trust: 1.6 |
| vendor: | cisco | model: | unified computing system central software | scope: | eq | version: | 1.2\(1d\) | Trust: 1.6 |
| vendor: | cisco | model: | unified computing system central software 1.2 | scope: | - | version: | - | Trust: 1.2 |
| vendor: | cisco | model: | unified computing system central software | scope: | lte | version: | 1.2 | Trust: 0.8 |
| vendor: | extremenetworks | model: | wireless ap | scope: | eq | version: | 396510.1.1 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | eq | version: | 393510.1.1 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | eq | version: | 386510.1.1 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | eq | version: | 382510.1.1 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | eq | version: | 380510.1.1 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | eq | version: | 380110.1.1 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | eq | version: | 371510.1.1 | Trust: 0.3 |
| vendor: | extremenetworks | model: | extremexos | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | unified computing system central software | scope: | eq | version: | 1.2 | Trust: 0.3 |
| vendor: | cisco | model: | unified computing system central software | scope: | eq | version: | 1.1 | Trust: 0.3 |
| vendor: | cisco | model: | unified computing system central software | scope: | eq | version: | 1.0 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | ne | version: | 396510.11.1 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | ne | version: | 396510.1.4 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | ne | version: | 393510.11.1 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | ne | version: | 393510.1.4 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | ne | version: | 386510.11.1 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | ne | version: | 386510.1.4 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | ne | version: | 382510.11.1 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | ne | version: | 382510.1.4 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | ne | version: | 380510.11.1 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | ne | version: | 380510.1.4 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | ne | version: | 380110.11.1 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | ne | version: | 380110.1.4 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | ne | version: | 371510.11.1 | Trust: 0.3 |
| vendor: | extremenetworks | model: | wireless ap | scope: | ne | version: | 371510.1.4 | Trust: 0.3 |
sources:
BID: 74491 //
JVNDB: JVNDB-2015-002540 //
CNNVD: CNNVD-201505-028 //
NVD: CVE-2015-0701
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
VULHUB: VHN-78647 //
JVNDB: JVNDB-2015-002540 //
CNNVD: CNNVD-201505-028 //
NVD: CVE-2015-0701
PROBLEMTYPE DATA
| problemtype: | CWE-20 | Trust: 1.9 |
sources:
VULHUB: VHN-78647 //
JVNDB: JVNDB-2015-002540 //
NVD: CVE-2015-0701
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201505-028
TYPE
input validation
Trust: 0.6
sources:
CNNVD: CNNVD-201505-028
CONFIGURATIONS
sources:
JVNDB: JVNDB-2015-002540
PATCH
| title: | cisco-sa-20150506-ucsc | url: | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150506-ucsc | Trust: 0.8 |
| title: | 38591 | url: | http://tools.cisco.com/security/center/viewAlert.x?alertId=38591 | Trust: 0.8 |
sources:
JVNDB: JVNDB-2015-002540
EXTERNAL IDS
| db: | NVD | id: | CVE-2015-0701 | Trust: 2.8 |
| db: | BID | id: | 74491 | Trust: 1.4 |
| db: | SECTRACK | id: | 1032267 | Trust: 1.1 |
| db: | JVNDB | id: | JVNDB-2015-002540 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201505-028 | Trust: 0.7 |
| db: | VULHUB | id: | VHN-78647 | Trust: 0.1 |
sources:
VULHUB: VHN-78647 //
BID: 74491 //
JVNDB: JVNDB-2015-002540 //
CNNVD: CNNVD-201505-028 //
NVD: CVE-2015-0701
REFERENCES
| url: | http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150506-ucsc | Trust: 2.0 |
| url: | http://www.securityfocus.com/bid/74491 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id/1032267 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0701 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0701 | Trust: 0.8 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
| url: | http://tools.cisco.com/security/center/viewalert.x?alertid=38591 | Trust: 0.3 |
| url: | https://gtacknowledge.extremenetworks.com/articles/vulnerability_notice/vn-2016-002-openssl/?q=cve-2015-3197&l=en_us&fs=search&pn=1 | Trust: 0.3 |
sources:
VULHUB: VHN-78647 //
BID: 74491 //
JVNDB: JVNDB-2015-002540 //
CNNVD: CNNVD-201505-028 //
NVD: CVE-2015-0701
CREDITS
Cisco
Trust: 0.3
sources:
BID: 74491
SOURCES
| db: | VULHUB | id: | VHN-78647 |
| db: | BID | id: | 74491 |
| db: | JVNDB | id: | JVNDB-2015-002540 |
| db: | CNNVD | id: | CNNVD-201505-028 |
| db: | NVD | id: | CVE-2015-0701 |
LAST UPDATE DATE
2025-04-13T20:46:30.695000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-78647 | date: | 2016-11-28T00:00:00 |
| db: | BID | id: | 74491 | date: | 2016-07-21T02:00:00 |
| db: | JVNDB | id: | JVNDB-2015-002540 | date: | 2015-05-08T00:00:00 |
| db: | CNNVD | id: | CNNVD-201505-028 | date: | 2015-05-08T00:00:00 |
| db: | NVD | id: | CVE-2015-0701 | date: | 2025-04-12T10:46:40.837 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-78647 | date: | 2015-05-07T00:00:00 |
| db: | BID | id: | 74491 | date: | 2015-05-06T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-002540 | date: | 2015-05-08T00:00:00 |
| db: | CNNVD | id: | CNNVD-201505-028 | date: | 2015-05-07T00:00:00 |
| db: | NVD | id: | CVE-2015-0701 | date: | 2015-05-07T01:59:02.323 |