Vulnerability Details : CVE-2015-6412
Cisco Modular Encoding Platform D9036 Software before 02.04.70 has hardcoded (1) root and (2) guest passwords, which makes it easier for remote attackers to obtain access via an SSH session, aka Bug ID CSCut88070.
Products affected by CVE-2015-6412
- cpe:2.3:o:cisco:modular_encoding_platform_d9036_software:02.02.30:*:*:*:*:*:*:*When used together with: Cisco » Modular Encoding Platform D9036
- cpe:2.3:o:cisco:modular_encoding_platform_d9036_software:02.00.80:*:*:*:*:*:*:*When used together with: Cisco » Modular Encoding Platform D9036
- cpe:2.3:o:cisco:modular_encoding_platform_d9036_software:02.01.50:*:*:*:*:*:*:*When used together with: Cisco » Modular Encoding Platform D9036
- cpe:2.3:o:cisco:modular_encoding_platform_d9036_software:02.03.30:*:*:*:*:*:*:*When used together with: Cisco » Modular Encoding Platform D9036
Exploit prediction scoring system (EPSS) score for CVE-2015-6412
0.42%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 71 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-6412
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2015-6412
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-6412
-
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-d9036
Cisco Modular Encoding Platform D9036 Software Default Credentials VulnerabilityVendor Advisory
Jump to