VAR-201506-0291
Vulnerability from variot - Updated: 2025-04-13 23:23Cisco IOS 12.2SCH on uBR10000 router Cable Modem Termination Systems (CMTS) does not properly restrict access to the IP Detail Record (IPDR) service, which allows remote attackers to obtain potentially sensitive MAC address and network-utilization information via crafted IPDR packets, aka Bug ID CSCua39203. Vendors have confirmed this vulnerability Bug ID CSCua39203 It is released as.Skillfully crafted by a third party IPDR Important through the packet MAC Information about address and network usage may be obtained. The Cisco uBR 10000 Series is a router device from Cisco. Cisco uBR10000 Series Universal Broadband Routers are prone to information disclosure vulnerability. A remote attacker may exploit this issue to gain potentially sensitive information. This may aid in further attacks. This issue is tracked by Cisco Bug ID CSCua39203. Cisco IOS on uBR10000 router Cable Modem Termination Systems (CMTS) is a set of operating system running on uBR10000 CMTS (Cable Modem Termination System) router of Cisco (Cisco)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201506-0291",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "12.2sch"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2\\(33\\)sch"
},
{
"model": "ios 12.2sch",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2(33)sch"
},
{
"model": "ubr10000 for router cable modem termination system",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ubr10000 router cable modem termination systems",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ubr10000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03987"
},
{
"db": "BID",
"id": "75321"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003228"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-350"
},
{
"db": "NVD",
"id": "CVE-2015-4202"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:ubr10000_cable_modem_termination_system",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003228"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "75321"
}
],
"trust": 0.3
},
"cve": "CVE-2015-4202",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-4202",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-03987",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-82163",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-4202",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-4202",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-03987",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-350",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-82163",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03987"
},
{
"db": "VULHUB",
"id": "VHN-82163"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003228"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-350"
},
{
"db": "NVD",
"id": "CVE-2015-4202"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS 12.2SCH on uBR10000 router Cable Modem Termination Systems (CMTS) does not properly restrict access to the IP Detail Record (IPDR) service, which allows remote attackers to obtain potentially sensitive MAC address and network-utilization information via crafted IPDR packets, aka Bug ID CSCua39203. Vendors have confirmed this vulnerability Bug ID CSCua39203 It is released as.Skillfully crafted by a third party IPDR Important through the packet MAC Information about address and network usage may be obtained. The Cisco uBR 10000 Series is a router device from Cisco. Cisco uBR10000 Series Universal Broadband Routers are prone to information disclosure vulnerability. \nA remote attacker may exploit this issue to gain potentially sensitive information. This may aid in further attacks. \nThis issue is tracked by Cisco Bug ID CSCua39203. Cisco IOS on uBR10000 router Cable Modem Termination Systems (CMTS) is a set of operating system running on uBR10000 CMTS (Cable Modem Termination System) router of Cisco (Cisco)",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4202"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003228"
},
{
"db": "CNVD",
"id": "CNVD-2015-03987"
},
{
"db": "BID",
"id": "75321"
},
{
"db": "VULHUB",
"id": "VHN-82163"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-4202",
"trust": 3.4
},
{
"db": "BID",
"id": "75321",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1032678",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003228",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201506-350",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-03987",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-82163",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03987"
},
{
"db": "VULHUB",
"id": "VHN-82163"
},
{
"db": "BID",
"id": "75321"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003228"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-350"
},
{
"db": "NVD",
"id": "CVE-2015-4202"
}
]
},
"id": "VAR-201506-0291",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03987"
},
{
"db": "VULHUB",
"id": "VHN-82163"
}
],
"trust": 1.2999999999999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03987"
}
]
},
"last_update_date": "2025-04-13T23:23:44.731000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "39432",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39432"
},
{
"title": "Patch for Cisco uBR10000 Series Universal Broadband Routers Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/59983"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03987"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003228"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-82163"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003228"
},
{
"db": "NVD",
"id": "CVE-2015-4202"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39432"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/75321"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032678"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4202"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4202"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03987"
},
{
"db": "VULHUB",
"id": "VHN-82163"
},
{
"db": "BID",
"id": "75321"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003228"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-350"
},
{
"db": "NVD",
"id": "CVE-2015-4202"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-03987"
},
{
"db": "VULHUB",
"id": "VHN-82163"
},
{
"db": "BID",
"id": "75321"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003228"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-350"
},
{
"db": "NVD",
"id": "CVE-2015-4202"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03987"
},
{
"date": "2015-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-82163"
},
{
"date": "2015-06-19T00:00:00",
"db": "BID",
"id": "75321"
},
{
"date": "2015-06-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003228"
},
{
"date": "2015-06-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-350"
},
{
"date": "2015-06-20T14:59:01.947000",
"db": "NVD",
"id": "CVE-2015-4202"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03987"
},
{
"date": "2016-12-28T00:00:00",
"db": "VULHUB",
"id": "VHN-82163"
},
{
"date": "2015-06-19T00:00:00",
"db": "BID",
"id": "75321"
},
{
"date": "2015-06-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003228"
},
{
"date": "2015-06-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-350"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-4202"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-350"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco uBR10000 Important in cable modem termination systems for routers MAC Vulnerability to obtain information about address and network usage",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003228"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-350"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…