Details of VAR-201512-0608

ID

VAR-201512-0608

TITLE

Cisco Linksys EA6100 and EA6300 Routers Unauthorized Access Vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2015-08282

DESCRIPTION

The Cisco Linksys EA6100 and EA6300 are both wireless router products from Cisco. An unauthorized access vulnerability exists in the Cisco Linksys EA6100 and EA6300 Routers using firmware version 1.1.5. An attacker could use this vulnerability to bypass security restrictions and gain unauthorized access to the affected device. Linksys EA6100 and and EA6300 running firmware 1.1.5 are vulnerable

Trust: 1.35

sources: CNVD: CNVD-2015-08282 // CNNVD: CNNVD-201512-422 // BID: 78616

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2015-08282

AFFECTED PRODUCTS

vendor:	cisco	model:	linksys ea6100/ea6300 routers	scope:	eq	version:	1.1.5	Trust: 0.6
vendor:	linksys	model:	ea6300	scope:	eq	version:	1.1.5	Trust: 0.3
vendor:	linksys	model:	ea6100	scope:	eq	version:	1.1.5	Trust: 0.3

sources: CNVD: CNVD-2015-08282 // BID: 78616

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2015-08282
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2015-08282
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2015-08282

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201512-422

TYPE

Design Error

Trust: 0.3

sources: BID: 78616

EXTERNAL IDS

db:	BID	id:	78616	Trust: 1.5
db:	CNVD	id:	CNVD-2015-08282	Trust: 0.6
db:	CNNVD	id:	CNNVD-201512-422	Trust: 0.6

sources: CNVD: CNVD-2015-08282 // BID: 78616 // CNNVD: CNNVD-201512-422

REFERENCES

url:	http://www.securityfocus.com/bid/78616	Trust: 1.2
url:	http://seclists.org/fulldisclosure/2015/dec/4	Trust: 0.3
url:	https://www.korelogic.com/resources/advisories/kl-001-2015-006.txt	Trust: 0.3
url:	http://www.linksys.com/	Trust: 0.3

sources: CNVD: CNVD-2015-08282 // BID: 78616 // CNNVD: CNNVD-201512-422

CREDITS

Matt Bergin.

Trust: 0.9

sources: BID: 78616 // CNNVD: CNNVD-201512-422

SOURCES

db:	CNVD	id:	CNVD-2015-08282
db:	BID	id:	78616
db:	CNNVD	id:	CNNVD-201512-422

LAST UPDATE DATE

2022-05-17T01:46:30.713000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2015-08282	date:	2015-12-17T00:00:00
db:	BID	id:	78616	date:	2015-12-04T00:00:00
db:	CNNVD	id:	CNNVD-201512-422	date:	2015-12-15T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2015-08282	date:	2015-12-17T00:00:00
db:	BID	id:	78616	date:	2015-12-04T00:00:00
db:	CNNVD	id:	CNNVD-201512-422	date:	2015-12-15T00:00:00