VAR-201508-0481
Vulnerability from variot - Updated: 2025-04-13 23:27The webGUI configuration-export feature in Cisco Edge Bluebird Operating System 1.2 on Edge 340 devices allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuu43968. The Cisco Edge 340 Series Digital Media Player is a digital media playback application. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. This issue is being tracked by Cisco Bug Id CSCuu43968
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201508-0481",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "edge bluebird operating system",
"scope": "eq",
"trust": 2.2,
"vendor": "cisco",
"version": "1.2"
},
{
"model": "edge bluebird operating system software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "1.2.0"
},
{
"model": "edge bluebird operating system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05531"
},
{
"db": "BID",
"id": "76349"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004359"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-373"
},
{
"db": "NVD",
"id": "CVE-2015-4308"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:edge_bluebird_operating_system",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004359"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "76349"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-373"
}
],
"trust": 0.9
},
"cve": "CVE-2015-4308",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2015-4308",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2015-05531",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-82269",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-4308",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-4308",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-05531",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201508-373",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-82269",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05531"
},
{
"db": "VULHUB",
"id": "VHN-82269"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004359"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-373"
},
{
"db": "NVD",
"id": "CVE-2015-4308"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The webGUI configuration-export feature in Cisco Edge Bluebird Operating System 1.2 on Edge 340 devices allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuu43968. The Cisco Edge 340 Series Digital Media Player is a digital media playback application. \nAn attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. \nThis issue is being tracked by Cisco Bug Id CSCuu43968",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4308"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004359"
},
{
"db": "CNVD",
"id": "CNVD-2015-05531"
},
{
"db": "BID",
"id": "76349"
},
{
"db": "VULHUB",
"id": "VHN-82269"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-4308",
"trust": 3.4
},
{
"db": "BID",
"id": "76349",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1033280",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004359",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201508-373",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-05531",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-82269",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05531"
},
{
"db": "VULHUB",
"id": "VHN-82269"
},
{
"db": "BID",
"id": "76349"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004359"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-373"
},
{
"db": "NVD",
"id": "CVE-2015-4308"
}
]
},
"id": "VAR-201508-0481",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05531"
},
{
"db": "VULHUB",
"id": "VHN-82269"
}
],
"trust": 1.2999999999999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05531"
}
]
},
"last_update_date": "2025-04-13T23:27:31.986000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "40434",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40434"
},
{
"title": "\\302\\240Patch for Cisco Edge 340 Series Digital Media Player File View Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/62937"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05531"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004359"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-82269"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004359"
},
{
"db": "NVD",
"id": "CVE-2015-4308"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=40434"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/76349"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033280"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4308"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4308"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05531"
},
{
"db": "VULHUB",
"id": "VHN-82269"
},
{
"db": "BID",
"id": "76349"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004359"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-373"
},
{
"db": "NVD",
"id": "CVE-2015-4308"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-05531"
},
{
"db": "VULHUB",
"id": "VHN-82269"
},
{
"db": "BID",
"id": "76349"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004359"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-373"
},
{
"db": "NVD",
"id": "CVE-2015-4308"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-08-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-05531"
},
{
"date": "2015-08-19T00:00:00",
"db": "VULHUB",
"id": "VHN-82269"
},
{
"date": "2015-08-13T00:00:00",
"db": "BID",
"id": "76349"
},
{
"date": "2015-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004359"
},
{
"date": "2015-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201508-373"
},
{
"date": "2015-08-19T15:59:04.913000",
"db": "NVD",
"id": "CVE-2015-4308"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-05531"
},
{
"date": "2016-12-28T00:00:00",
"db": "VULHUB",
"id": "VHN-82269"
},
{
"date": "2015-08-13T00:00:00",
"db": "BID",
"id": "76349"
},
{
"date": "2015-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004359"
},
{
"date": "2015-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201508-373"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-4308"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201508-373"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Edge 340 Run on device Edge Bluebird Operating System of WebGUI Vulnerability in which important information is acquired in the configuration export function",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004359"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201508-373"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…