Sign-up

ID

VAR-201511-0227


CVE

CVE-2015-6375


TITLE

IOS for Cisco Networking Services Vulnerability in the collection of important information in the debug logging function

Trust: 0.8

sources: JVNDB: JVNDB-2015-005989

DESCRIPTION

The debug-logging (aka debug cns) feature in Cisco Networking Services (CNS) for IOS 15.2(2)E3 allows local users to obtain sensitive information by reading an unspecified file, aka Bug ID CSCux18010. Vendors have confirmed this vulnerability Bug ID CSCux18010 It is released as.If a local user reads an unspecified file, important information may be obtained. Cisco Networking Services is prone to an information-disclosure vulnerability. Successful exploits may allow an attacker to obtain sensitive information that may lead to further attacks. This issue is tracked by Cisco Bug ID CSCux18010

Trust: 1.98

sources: NVD: CVE-2015-6375 // JVNDB: JVNDB-2015-005989 // BID: 77676 // VULHUB: VHN-84336

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e3

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:15.2(2)e3

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:0

Trust: 0.3

sources: BID: 77676 // JVNDB: JVNDB-2015-005989 // CNNVD: CNNVD-201511-380 // NVD: CVE-2015-6375

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-6375
value: LOW

Trust: 1.0

NVD: CVE-2015-6375
value: LOW

Trust: 0.8

CNNVD: CNNVD-201511-380
value: LOW

Trust: 0.6

VULHUB: VHN-84336
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2015-6375
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-84336
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-84336 // JVNDB: JVNDB-2015-005989 // CNNVD: CNNVD-201511-380 // NVD: CVE-2015-6375

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-84336 // JVNDB: JVNDB-2015-005989 // NVD: CVE-2015-6375

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201511-380

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201511-380

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-005989

PATCH
title:cisco-sa-20151120-nsurl:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151120-ns
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2015-005989

EXTERNAL IDS
db:NVDid:CVE-2015-6375
Trust: 2.8
db:BIDid:77676
Trust: 1.4
db:JVNDBid:JVNDB-2015-005989
Trust: 0.8
db:CNNVDid:CNNVD-201511-380
Trust: 0.7
db:SEEBUGid:SSVID-89957
Trust: 0.1
db:VULHUBid:VHN-84336
Trust: 0.1
sources:
            
            
            VULHUB: VHN-84336 // 
            
            
            
            BID: 77676 // 
            
            
            
            JVNDB: JVNDB-2015-005989 // 
            
            
            
            CNNVD: CNNVD-201511-380 // 
            
            
            
            NVD: CVE-2015-6375

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151120-ns
Trust: 1.7
url:http://www.securityfocus.com/bid/77676
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6375
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6375
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-84336 // 
            
            
            
            BID: 77676 // 
            
            
            
            JVNDB: JVNDB-2015-005989 // 
            
            
            
            CNNVD: CNNVD-201511-380 // 
            
            
            
            NVD: CVE-2015-6375

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 77676

SOURCES
db:VULHUBid:VHN-84336
db:BIDid:77676
db:JVNDBid:JVNDB-2015-005989
db:CNNVDid:CNNVD-201511-380
db:NVDid:CVE-2015-6375

LAST UPDATE DATE
2025-04-12T23:15:37.318000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-84336date:2016-11-28T00:00:00
db:BIDid:77676date:2015-12-08T22:23:00
db:JVNDBid:JVNDB-2015-005989date:2015-11-24T00:00:00
db:CNNVDid:CNNVD-201511-380date:2015-11-27T00:00:00
db:NVDid:CVE-2015-6375date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-84336date:2015-11-21T00:00:00
db:BIDid:77676date:2015-11-20T00:00:00
db:JVNDBid:JVNDB-2015-005989date:2015-11-24T00:00:00
db:CNNVDid:CNNVD-201511-380date:2015-11-23T00:00:00
db:NVDid:CVE-2015-6375date:2015-11-21T11:59:02.563