fkie_cve-2015-0691
Vulnerability from fkie_nvd
Published
2015-04-17 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.0_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE4B1CD7-A62B-4B19-99B1-876A6F4813D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.1.0.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "89CA2699-7B66-4BFA-A1B8-2708F12D5F0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F2F8EA5-8DEF-48D0-9E7F-6047D4AECC5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.1.1.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F5DFB0-21F4-45F7-B4AF-000B24DEA596",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.1_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "66D3F03B-3B28-4A3C-900E-9B69BEBD5EE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.2.0.136:*:*:*:*:*:*:*",
              "matchCriteriaId": "6532A12D-93A9-4BF7-984A-9F683BD79253",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.2.1.103:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A6CCB3-EE2A-4880-8C19-4227A16C8EB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.2.1.126:*:*:*:*:*:*:*",
              "matchCriteriaId": "30FA0F88-45CC-4AFA-864D-674BD0B98B9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.2_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "A83EDA6C-CB7F-4E75-B8DD-4A68AAC4F1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.3.0.118:*:*:*:*:*:*:*",
              "matchCriteriaId": "05C6754E-D07C-400E-91A1-1FF7D58FB6A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.3.0.151:*:*:*:*:*:*:*",
              "matchCriteriaId": "0153181F-53C9-453D-8FE9-2F6CD28C42D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.3_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B62AD7-FA10-401A-A971-436F1A569DE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.4.0373:*:*:*:*:*:*:*",
              "matchCriteriaId": "8902AA77-A1DD-4574-9372-21966A5D9083",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.4.1108:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8A8E4A-980A-4451-BE99-548910BAB988",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.4.2048:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE277431-4101-4C0F-91DB-A1C15C0344FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.4_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7944946-5409-46D1-B0A7-45258381AB46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.5.841:*:*:*:*:*:*:*",
              "matchCriteriaId": "85641AF5-7A5B-4146-9806-E055420DB3AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.5.1077:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D5FC538-64F7-4F3D-9FAE-82D5015737DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.5.2001:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F72D901-C62C-41A0-8D68-72CB9508E507",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.5.2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D66E2FC-03B9-4DFA-9482-BEB324710850",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.5.2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "D79AB614-C5B3-4116-B957-A42F6AD0DD6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.5_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "E76EE9E1-9F27-4AA5-ADA4-BC412E19DE64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.181:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1A4F9A8-DB02-45A0-ABE4-08683C798CC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.185:*:*:*:*:*:*:*",
              "matchCriteriaId": "71AF8E5A-42C5-42CB-8890-6F00BC1C471A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.1001:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CA7E7CD-E877-4868-B868-AF77F931F593",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.2002:*:*:*:*:*:*:*",
              "matchCriteriaId": "93F2063D-7955-4217-A13D-217ED25C5DAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.3002:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA30F821-2963-4431-B25F-BB061CBCBE27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.4021:*:*:*:*:*:*:*",
              "matchCriteriaId": "689D7A99-1CB3-4930-8A0B-466DDC718D6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.5005:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9C94C7-3E8A-4E3A-A88F-648F755D3C3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.6020:*:*:*:*:*:*:*",
              "matchCriteriaId": "E85C2E16-2FA7-4810-A79A-64DD0A45D8C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.6104:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C34D6B4-540B-4A30-AB7D-6FB3890AF427",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.6203:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD98EEB-4457-4F10-A3E0-C11C38A30914",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.6210:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA9319D8-95C9-47B2-9D9D-969B288E5C04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.6228:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6A0928D-BBE5-4AC0-AC8E-CAA121FB9B3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.6234:*:*:*:*:*:*:*",
              "matchCriteriaId": "156B35FE-BE52-490C-B9CA-C269C8013830",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.6249:*:*:*:*:*:*:*",
              "matchCriteriaId": "C95ECD0C-E1FE-46C2-A1C3-64CF36C6BF76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_desktop:3.6_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "59E3328E-EAE8-474F-A9DA-B6D397EBC24B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001."
    },
    {
      "lang": "es",
      "value": "Cierto fichero Cisco JAR, distribuido en Cache Cleaner en Cisco Secure Desktop (CSD), permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de un sitio web manipulado, tambi\u00e9n conocido como Bug ID CSCup83001."
    }
  ],
  "id": "CVE-2015-0691",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2015-04-17T01:59:25.420",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032140"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        },
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…

Loading…