Sign-up

ID

VAR-201511-0215


CVE

CVE-2015-6364


TITLE

Cisco Videoscape Distribution Suite Service Manager Run on Content Delivery System Manager Software Vulnerability where important information is obtained

Trust: 0.8

sources: JVNDB: JVNDB-2015-005926

DESCRIPTION

Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960. Successful exploits may allow an attacker to obtain sensitive information that may lead to further attacks. This issue is tracked by Cisco Bug ID CSCuv86960. The former is a set of management software for real-time analysis and reporting of CDN, and the latter is a set of browser-based console software for managing the configuration, monitoring and reporting of all CDEs on the entire network

Trust: 2.52

sources: NVD: CVE-2015-6364 // JVNDB: JVNDB-2015-005926 // CNVD: CNVD-2015-07560 // BID: 77579 // VULHUB: VHN-84325

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2015-07560

AFFECTED PRODUCTS

vendor:ciscomodel:videoscape distribution suite service managerscope:eqversion:3.2

Trust: 1.4

vendor:ciscomodel:videoscape distribution suite service managerscope:lteversion:3.2.0

Trust: 1.0

vendor:ciscomodel:videoscape distribution suite service managerscope:eqversion:3.2.0

Trust: 0.6

vendor:ciscomodel:videoscape distribution suite service managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:content delivery system manager softwarescope:eqversion:3.2

Trust: 0.3

sources: CNVD: CNVD-2015-07560 // BID: 77579 // JVNDB: JVNDB-2015-005926 // CNNVD: CNNVD-201511-248 // NVD: CVE-2015-6364

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-6364
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-6364
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2015-07560
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201511-248
value: MEDIUM

Trust: 0.6

VULHUB: VHN-84325
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-6364
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2015-07560
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-84325
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2015-07560 // VULHUB: VHN-84325 // JVNDB: JVNDB-2015-005926 // CNNVD: CNNVD-201511-248 // NVD: CVE-2015-6364

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-84325 // JVNDB: JVNDB-2015-005926 // NVD: CVE-2015-6364

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201511-248

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201511-248

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-005926

PATCH
title:cisco-sa-20151112-vdsurl:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds
Trust: 0.8
title:Patch for the Cisco Videoscape Distribution Suite Service Manager REST API Information Disclosure Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/66803
Trust: 0.6
title:Cisco Videoscape Distribution Suite Service Manager Content Delivery System Manager Software Repair measures for information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58737
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2015-07560 // 
            
            
            
            JVNDB: JVNDB-2015-005926 // 
            
            
            
            CNNVD: CNNVD-201511-248

EXTERNAL IDS
db:NVDid:CVE-2015-6364
Trust: 3.4
db:SECTRACKid:1034159
Trust: 1.1
db:JVNDBid:JVNDB-2015-005926
Trust: 0.8
db:CNNVDid:CNNVD-201511-248
Trust: 0.7
db:CNVDid:CNVD-2015-07560
Trust: 0.6
db:BIDid:77579
Trust: 0.4
db:SEEBUGid:SSVID-89791
Trust: 0.1
db:VULHUBid:VHN-84325
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2015-07560 // 
            
            
            
            VULHUB: VHN-84325 // 
            
            
            
            BID: 77579 // 
            
            
            
            JVNDB: JVNDB-2015-005926 // 
            
            
            
            CNNVD: CNNVD-201511-248 // 
            
            
            
            NVD: CVE-2015-6364

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151112-vds
Trust: 2.6
url:http://www.securitytracker.com/id/1034159
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6364
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6364
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2015-07560 // 
            
            
            
            VULHUB: VHN-84325 // 
            
            
            
            BID: 77579 // 
            
            
            
            JVNDB: JVNDB-2015-005926 // 
            
            
            
            CNNVD: CNNVD-201511-248 // 
            
            
            
            NVD: CVE-2015-6364

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 77579

SOURCES
db:CNVDid:CNVD-2015-07560
db:VULHUBid:VHN-84325
db:BIDid:77579
db:JVNDBid:JVNDB-2015-005926
db:CNNVDid:CNNVD-201511-248
db:NVDid:CVE-2015-6364

LAST UPDATE DATE
2025-04-13T23:22:22.677000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2015-07560date:2015-11-17T00:00:00
db:VULHUBid:VHN-84325date:2016-12-07T00:00:00
db:BIDid:77579date:2015-11-13T00:00:00
db:JVNDBid:JVNDB-2015-005926date:2015-11-17T00:00:00
db:CNNVDid:CNNVD-201511-248date:2015-11-18T00:00:00
db:NVDid:CVE-2015-6364date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2015-07560date:2015-11-17T00:00:00
db:VULHUBid:VHN-84325date:2015-11-14T00:00:00
db:BIDid:77579date:2015-11-13T00:00:00
db:JVNDBid:JVNDB-2015-005926date:2015-11-17T00:00:00
db:CNNVDid:CNNVD-201511-248date:2015-11-16T00:00:00
db:NVDid:CVE-2015-6364date:2015-11-14T03:59:01.723