VAR-201511-0215
Vulnerability from variot - Updated: 2025-04-13 23:22Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960. Successful exploits may allow an attacker to obtain sensitive information that may lead to further attacks. This issue is tracked by Cisco Bug ID CSCuv86960. The former is a set of management software for real-time analysis and reporting of CDN, and the latter is a set of browser-based console software for managing the configuration, monitoring and reporting of all CDEs on the entire network
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201511-0215",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "videoscape distribution suite service manager",
"scope": "eq",
"trust": 1.4,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "videoscape distribution suite service manager",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2.0"
},
{
"model": "videoscape distribution suite service manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.2.0"
},
{
"model": "videoscape distribution suite service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "content delivery system manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07560"
},
{
"db": "BID",
"id": "77579"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005926"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-248"
},
{
"db": "NVD",
"id": "CVE-2015-6364"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:videoscape_distribution_suite_service_manager",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005926"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "77579"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6364",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6364",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-07560",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-84325",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6364",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6364",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-07560",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201511-248",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84325",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07560"
},
{
"db": "VULHUB",
"id": "VHN-84325"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005926"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-248"
},
{
"db": "NVD",
"id": "CVE-2015-6364"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960. \nSuccessful exploits may allow an attacker to obtain sensitive information that may lead to further attacks. \nThis issue is tracked by Cisco Bug ID CSCuv86960. The former is a set of management software for real-time analysis and reporting of CDN, and the latter is a set of browser-based console software for managing the configuration, monitoring and reporting of all CDEs on the entire network",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6364"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005926"
},
{
"db": "CNVD",
"id": "CNVD-2015-07560"
},
{
"db": "BID",
"id": "77579"
},
{
"db": "VULHUB",
"id": "VHN-84325"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6364",
"trust": 3.4
},
{
"db": "SECTRACK",
"id": "1034159",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005926",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201511-248",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-07560",
"trust": 0.6
},
{
"db": "BID",
"id": "77579",
"trust": 0.4
},
{
"db": "SEEBUG",
"id": "SSVID-89791",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-84325",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07560"
},
{
"db": "VULHUB",
"id": "VHN-84325"
},
{
"db": "BID",
"id": "77579"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005926"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-248"
},
{
"db": "NVD",
"id": "CVE-2015-6364"
}
]
},
"id": "VAR-201511-0215",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07560"
},
{
"db": "VULHUB",
"id": "VHN-84325"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07560"
}
]
},
"last_update_date": "2025-04-13T23:22:22.677000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20151112-vds",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds"
},
{
"title": "Patch for the Cisco Videoscape Distribution Suite Service Manager REST API Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/66803"
},
{
"title": "Cisco Videoscape Distribution Suite Service Manager Content Delivery System Manager Software Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58737"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07560"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005926"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-248"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84325"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005926"
},
{
"db": "NVD",
"id": "CVE-2015-6364"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151112-vds"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034159"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6364"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6364"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07560"
},
{
"db": "VULHUB",
"id": "VHN-84325"
},
{
"db": "BID",
"id": "77579"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005926"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-248"
},
{
"db": "NVD",
"id": "CVE-2015-6364"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-07560"
},
{
"db": "VULHUB",
"id": "VHN-84325"
},
{
"db": "BID",
"id": "77579"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005926"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-248"
},
{
"db": "NVD",
"id": "CVE-2015-6364"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07560"
},
{
"date": "2015-11-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84325"
},
{
"date": "2015-11-13T00:00:00",
"db": "BID",
"id": "77579"
},
{
"date": "2015-11-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005926"
},
{
"date": "2015-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-248"
},
{
"date": "2015-11-14T03:59:01.723000",
"db": "NVD",
"id": "CVE-2015-6364"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07560"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-84325"
},
{
"date": "2015-11-13T00:00:00",
"db": "BID",
"id": "77579"
},
{
"date": "2015-11-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005926"
},
{
"date": "2015-11-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-248"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-6364"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-248"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Videoscape Distribution Suite Service Manager Run on Content Delivery System Manager Software Vulnerability where important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005926"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-248"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…