CVE-2015-6319

{"id": "CVE-2015-6319", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2016-01-27T22:59:00.100", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1034830", "source": "ykramarz@cisco.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1034830", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in the web-based management interface on Cisco RV220W devices allows remote attackers to execute arbitrary SQL commands via a crafted header in an HTTP request, aka Bug ID CSCuv29574."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en la interfaz de gesti\u00f3n basada en web en dispositivos Cisco RV220W permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s de una cabecera manipulada en una petici\u00f3n HTTP, tambi\u00e9n conocida como Bug ID CSCuv29574."}], "lastModified": "2024-11-21T02:34:46.617", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:rv016_multi-wan_vpn_router:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "217831DB-FC07-443B-B969-2513ACE0C0AA"}, {"criteria": "cpe:2.3:h:cisco:rv042_dual_wan_vpn_router:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "87905EBD-2C32-41C7-933E-168B1A5941F2"}, {"criteria": "cpe:2.3:h:cisco:rv042g_dual_gigabit_wan_vpn_router:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0008DDD6-A6A5-46A2-B9A0-1DC807E29E02"}, {"criteria": "cpe:2.3:h:cisco:rv082_dual_wan_vpn_router:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "37F1D3C2-8CD6-416D-80C2-3ECBB941DA55"}, {"criteria": "cpe:2.3:h:cisco:rv110w_wireless-n_vpn_firewall:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F95AABA7-ADCF-474B-A1AD-E55EFC09CF2A"}, {"criteria": "cpe:2.3:h:cisco:rv120w_wireless-n_vpn_firewall:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B3562EAC-7DD9-4D7E-8A54-577FAEDFD42B"}, {"criteria": "cpe:2.3:h:cisco:rv130_vpn_router:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0A7C79FC-EC93-4832-85EC-E7D5672A7DF4"}, {"criteria": "cpe:2.3:h:cisco:rv130w_wireless-n_multifunction_vpn_router:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4993AC7B-5E6F-4DB5-90D8-3181148BC7B0"}, {"criteria": "cpe:2.3:h:cisco:rv180_vpn_router:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8C656EE6-510D-4530-947E-6C1DE46EBC68"}, {"criteria": "cpe:2.3:h:cisco:rv180w_wireless-n_multifunction_vpn_router:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8A68C4AD-0FB1-45FE-BD04-C3DC8A716F3F"}, {"criteria": "cpe:2.3:h:cisco:rv215w_wireless-n_vpn_router:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "175F8546-DBBB-4C34-9B9A-A39A6E70F2AF"}, {"criteria": "cpe:2.3:h:cisco:rv220w_wireless_network_security_firewall:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5DD07AB5-E9DA-463F-B017-7A10FD8C2878"}, {"criteria": "cpe:2.3:h:cisco:rv320_dual_gigabit_wan_vpn_router:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "40BE4E08-761E-44B1-923C-8CAF3EA1B812"}, {"criteria": "cpe:2.3:h:cisco:rv320_dual_gigabit_wan_wf_vpn_router:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "22E350F7-5E72-4749-BBFE-021A3B838105"}, {"criteria": "cpe:2.3:h:cisco:rv325_dual_gigabit_wan_wf_vpn_router:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DE38F76A-20EB-4A00-A84D-F5F262E7A1AD"}, {"criteria": "cpe:2.3:h:cisco:rv325_dual_wan_gigabit_vpn_router:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "57228295-609D-4939-9FEF-71EFE6FFEAB6"}, {"criteria": "cpe:2.3:h:cisco:rvl200_4-port_ssl_ipsec_vpn_router:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F4558947-E413-4283-959A-B7C854BCECE6"}, {"criteria": "cpe:2.3:h:cisco:rvs4000_4-port_gigabit_security_router_-_vpn:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "54D7930A-EC68-4518-BA88-529A3D4F0919"}, {"criteria": "cpe:2.3:h:cisco:wrv200_wireless-g_vpn_router_-_rangebooster:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D22C7E67-0F47-416F-80A5-D218C655D275"}, {"criteria": "cpe:2.3:h:cisco:wrv210_wireless-g_vpn_router_-_rangebooster:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7618CAE2-22D2-44B1-8FE8-F29101B62D57"}, {"criteria": "cpe:2.3:h:cisco:wrvs4400n_wireless-n_gigabit_security_router_-_vpn_v2.0:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D0954EAD-6830-499E-BCE7-4F0FE1DDFE24"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82E9DB28-1575-415C-BE18-9ADFD6BA66D5"}, {"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.0.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AE98C62-84E0-435F-A376-984B1819B94C"}, {"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBC77F08-1A4A-46AC-8359-5B20BAA9989B"}, {"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE637ED7-943B-45A3-A0B3-EEAE02A96693"}, {"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.3.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA64F9F9-6843-4A74-8DC4-692B8A7E8394"}, {"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.4.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95D5F5BE-8A32-415A-A686-5221C42EFD8B"}, {"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.4.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCCDA0D3-AF8C-4EC2-8DC8-64322452C697"}, {"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.5.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF064F34-25A3-474E-BCA8-BC135FA4B834"}, {"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.5.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DEC997B-96CF-43E6-98C8-D6E469CA471D"}, {"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.0.6.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B6AD360-866C-4E63-BA54-EAF697560D07"}, {"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.1.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0B5DF7C-99D2-4CF9-A0AD-8D6BE5780CA7"}, {"criteria": "cpe:2.3:o:cisco:rv_series_router_firmware:1.2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F60788C6-2130-4561-B1C8-72B138F2E9B7"}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_124:*:sparc:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09B35C0E-6CBA-4B6B-BCD2-F5CC0BF8CF53"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}