CVE-2015-6479

{"id": "CVE-2015-6479", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2016-04-21T10:59:01.537", "references": [{"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote attackers to read the filteredlogs.txt file, and consequently discover potentially sensitive boot-sequence information, via unspecified vectors."}, {"lang": "es", "value": "ACEmanager en Sierra Wireless ALEOS 4.4.2 y versiones anteriores en dispositivos ES440, ES450, GX400, GX440, GX450 y LS300 permite a atacantes remotos leer el archivo filteredlogs.txt, y consecuentemente descubrir informaci\u00f3n potencialmente sensible sobre la secuencia de arranque, a trav\u00e9s de vectores no especificados."}], "lastModified": "2024-11-21T02:35:03.080", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30FB5223-A3DD-4914-8BEC-D2486E3B31E5", "versionEndIncluding": "4.4.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sierrawireless:es440:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E2098BAB-AF80-4C32-A5B8-FD6296C74110"}, {"criteria": "cpe:2.3:h:sierrawireless:es450:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "524DF1AE-21F2-4AA6-99E7-6F98304FF845"}, {"criteria": "cpe:2.3:h:sierrawireless:gx400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5CBA7B93-E1C2-41C6-B21E-6DA8B568D751"}, {"criteria": "cpe:2.3:h:sierrawireless:gx440:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "15DD2CF2-3A83-4ED7-BCD8-05F60782AE17"}, {"criteria": "cpe:2.3:h:sierrawireless:gx450:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2C12CF71-FE0E-44EA-9F2E-7CFB42E7C216"}, {"criteria": "cpe:2.3:h:sierrawireless:ls300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5F4A4F52-F99E-4F72-8A2C-8D2CC21461BD"}], "operator": "OR"}], "operator": "AND"}], "evaluatorComment": "CWE-538: File and Directory Information Exposure", "sourceIdentifier": "ics-cert@hq.dhs.gov"}