Vulnerability-Lookup

CVE-2015-6364 (GCVE-0-2015-6364)

Vulnerability from cvelistv5 – Published: 2015-11-14 02:00 – Updated: 2024-08-06 07:22

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

CNVD-2015-07560

Vulnerability from cnvd - Published: 2015-11-17

Title

Cisco Videoscape Distribution Suite Service Manager REST API信息泄露漏洞

Description

Cisco Videoscape Distribution Suite Service Manager是一个扩展和增强的内容分发网络组件的服务管理程序。 Cisco Videoscape Distribution Suite Service Manager未能正确处理目标REST API，允许远程攻击者利用漏洞提交特殊的HTTP请求，查看敏感信息。

Severity

中

Patch Name

Cisco Videoscape Distribution Suite Service Manager REST API信息泄露漏洞的补丁

Patch Description

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds

Impacted products

Name
Cisco Videoscape Distribution Suite Service Manager 3.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-6364"
    }
  },
  "description": "Cisco Videoscape Distribution Suite Service Manager\u662f\u4e00\u4e2a\u6269\u5c55\u548c\u589e\u5f3a\u7684\u5185\u5bb9\u5206\u53d1\u7f51\u7edc\u7ec4\u4ef6\u7684\u670d\u52a1\u7ba1\u7406\u7a0b\u5e8f\u3002\r\n\r\nCisco Videoscape Distribution Suite Service Manager\u672a\u80fd\u6b63\u786e\u5904\u7406\u76ee\u6807REST API\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684HTTP\u8bf7\u6c42\uff0c\u67e5\u770b\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-07560",
  "openTime": "2015-11-17",
  "patchDescription": "Cisco Videoscape Distribution Suite Service Manager\u662f\u4e00\u4e2a\u6269\u5c55\u548c\u589e\u5f3a\u7684\u5185\u5bb9\u5206\u53d1\u7f51\u7edc\u7ec4\u4ef6\u7684\u670d\u52a1\u7ba1\u7406\u7a0b\u5e8f\u3002\r\nCisco Videoscape Distribution Suite Service Manager\u672a\u80fd\u6b63\u786e\u5904\u7406\u76ee\u6807REST API\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684HTTP\u8bf7\u6c42\uff0c\u67e5\u770b\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Videoscape Distribution Suite Service Manager REST API\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco  Videoscape Distribution Suite Service Manager 3.2"
  },
  "referenceLink": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds",
  "serverity": "\u4e2d",
  "submitTime": "2015-11-15",
  "title": "Cisco Videoscape Distribution Suite Service Manager REST API\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

GHSA-R6MH-X664-PFH3

Vulnerability from github – Published: 2022-05-17 03:26 – Updated: 2022-05-17 03:26

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-6364"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-11-14T03:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960.",
  "id": "GHSA-r6mh-x664-pfh3",
  "modified": "2022-05-17T03:26:57Z",
  "published": "2022-05-17T03:26:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6364"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1034159"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2015-6364

Vulnerability from fkie_nvd - Published: 2015-11-14 03:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds	Vendor Advisory
psirt@cisco.com	http://www.securitytracker.com/id/1034159
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034159

Impacted products

	Vendor	Product	Version
	cisco	videoscape_distribution_suite_service_manager	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_service_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC7F4DE1-3EB9-4DF6-92EA-F82E8350F481",
              "versionEndIncluding": "3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960."
    },
    {
      "lang": "es",
      "value": "Cisco Content Delivery System Manager Software 3.2 en Videoscape Distribution Suite Service Manager permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de URLs manipuladas en peticiones API REST, tambi\u00e9n conocido como Bug ID CSCuv86960."
    }
  ],
  "id": "CVE-2015-6364",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-11-14T03:59:01.723",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1034159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034159"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2015-AVI-489

Vulnerability from certfr_avis - Published: 2015-11-16 - Updated: 2015-11-16

De multiples vulnérabilités ont été corrigées dans les produits Cisco. Elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Contournement provisoire

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	IOS	Cisco IOS Software Release 15.2(04)M
Cisco	N/A	Cisco Videoscape Distribution Suite Service Manager
Cisco	IOS	Cisco IOS Software Release 15.4(03)M
Cisco	N/A	Cisco Aironet 1800 Series utilisant la version 8.1(révision 131.0)

References

Title

Publication Time

GSD-2015-6364

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2015-6364

Aliases

CVE-2015-6364

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-6364",
    "description": "Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960.",
    "id": "GSD-2015-6364"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-6364"
      ],
      "details": "Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960.",
      "id": "GSD-2015-6364",
      "modified": "2023-12-13T01:20:04.541229Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2015-6364",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20151113 Cisco Videoscape Distribution Suite Service Manager Information Disclosure Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds"
          },
          {
            "name": "1034159",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1034159"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_service_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.2.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-6364"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20151113 Cisco Videoscape Distribution Suite Service Manager Information Disclosure Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds"
            },
            {
              "name": "1034159",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1034159"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2016-12-07T18:19Z",
      "publishedDate": "2015-11-14T03:59Z"
    }
  }
}

VAR-201511-0215

Vulnerability from variot - Updated: 2025-04-13 23:22

Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960. Successful exploits may allow an attacker to obtain sensitive information that may lead to further attacks. This issue is tracked by Cisco Bug ID CSCuv86960. The former is a set of management software for real-time analysis and reporting of CDN, and the latter is a set of browser-based console software for managing the configuration, monitoring and reporting of all CDEs on the entire network

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201511-0215",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "videoscape distribution suite service manager",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "cisco",
        "version": "3.2"
      },
      {
        "model": "videoscape distribution suite service manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.2.0"
      },
      {
        "model": "videoscape distribution suite service manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "3.2.0"
      },
      {
        "model": "videoscape distribution suite service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "content delivery system manager software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.2"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07560"
      },
      {
        "db": "BID",
        "id": "77579"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005926"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-248"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6364"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:cisco:videoscape_distribution_suite_service_manager",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005926"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "77579"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-6364",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2015-6364",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2015-07560",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-84325",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2015-6364",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2015-6364",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2015-07560",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201511-248",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-84325",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07560"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84325"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005926"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-248"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6364"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960. \nSuccessful exploits may allow an attacker to obtain sensitive information that may lead to further attacks. \nThis issue is tracked by Cisco Bug ID CSCuv86960. The former is a set of management software for real-time analysis and reporting of CDN, and the latter is a set of browser-based console software for managing the configuration, monitoring and reporting of all CDEs on the entire network",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-6364"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005926"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-07560"
      },
      {
        "db": "BID",
        "id": "77579"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84325"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-6364",
        "trust": 3.4
      },
      {
        "db": "SECTRACK",
        "id": "1034159",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005926",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-248",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-07560",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "77579",
        "trust": 0.4
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-89791",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-84325",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07560"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84325"
      },
      {
        "db": "BID",
        "id": "77579"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005926"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-248"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6364"
      }
    ]
  },
  "id": "VAR-201511-0215",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07560"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84325"
      }
    ],
    "trust": 0.06999999999999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07560"
      }
    ]
  },
  "last_update_date": "2025-04-13T23:22:22.677000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20151112-vds",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds"
      },
      {
        "title": "Patch for the Cisco Videoscape Distribution Suite Service Manager REST API Information Disclosure Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/66803"
      },
      {
        "title": "Cisco Videoscape Distribution Suite Service Manager Content Delivery System Manager Software Repair measures for information disclosure vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58737"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07560"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005926"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-248"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84325"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005926"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6364"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151112-vds"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1034159"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6364"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6364"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07560"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84325"
      },
      {
        "db": "BID",
        "id": "77579"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005926"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-248"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6364"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-07560"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84325"
      },
      {
        "db": "BID",
        "id": "77579"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005926"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-248"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6364"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-11-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-07560"
      },
      {
        "date": "2015-11-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-84325"
      },
      {
        "date": "2015-11-13T00:00:00",
        "db": "BID",
        "id": "77579"
      },
      {
        "date": "2015-11-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-005926"
      },
      {
        "date": "2015-11-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201511-248"
      },
      {
        "date": "2015-11-14T03:59:01.723000",
        "db": "NVD",
        "id": "CVE-2015-6364"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-11-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-07560"
      },
      {
        "date": "2016-12-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-84325"
      },
      {
        "date": "2015-11-13T00:00:00",
        "db": "BID",
        "id": "77579"
      },
      {
        "date": "2015-11-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-005926"
      },
      {
        "date": "2015-11-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201511-248"
      },
      {
        "date": "2025-04-12T10:46:40.837000",
        "db": "NVD",
        "id": "CVE-2015-6364"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-248"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Videoscape Distribution Suite Service Manager Run on  Content Delivery System Manager Software Vulnerability where important information is obtained",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005926"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-248"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-6364 (GCVE-0-2015-6364)

CNVD-2015-07560

GHSA-R6MH-X664-PFH3

FKIE_CVE-2015-6364

CERTFR-2015-AVI-489

Contournement provisoire

GSD-2015-6364

VAR-201511-0215

Tags

Sightings

Nomenclature