VAR-201601-0071
Vulnerability from variot - Updated: 2025-04-13 23:35HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6859. HPENetworkSwitches is a network switch from HP. There are security vulnerabilities in HPENetworkSwitches15.16.x and 15.17.x versions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n a-c04920918
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04920918 Version: 2
HPSBHF03431 rev.2 - HPE Network Switches, local Bypass of Security Restrictions, Indirect Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-12-11 Last Updated: 2016-02-05
Potential Security Impact: Bypass Security Restrictions, Indirect Vulnerabilities
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HPE Network Switches.
Note: Versions 15.16.xxxx and 15.17.xxxx were incorrectly identified as vulnerable, the only affected versions are KB.15.18.0006 & KB.15.18.0007.
References:
PSRT102924 CVE-2015-6859 CVE-2015-6860
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HPE Aruba Network Switches Firmware Version KB.15.18.0007 HPE Aruba Network Switches Firmware Version KB.15.18.0006
Note: see the resolution section for a list of impacted switch model numbers
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-6859 (AV:L/AC:L/Au:S/C:P/I:P/A:P) 4.3 CVE-2015-6860 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HPE has made the following software update available to resolve the vulnerability.
HPE Network Switch software KB.16.01.0004
Impacted switch model numbers:
J9821A HP 5406R zl2 Switch J9822A HP 5412R zl2 Switch J9823A HP 5406R-Gig-T-PoE+/SFP+ v2 zl2 Swch J9824A HP 5406R-Gig-T-PoE+/SFP v2 zl2 Swch J9825A HP 5412R-Gig-T-PoE+/SFP+ v2 zl2 Swch J9826A HP 5412R-Gig-T-PoE+/SFP v2 zl2 Swch J9850A HP 5406R zl2 Switch J9851A HP 5412R zl2 Switch J9868A HP 5406R-8XGT/8SFP+ v2 zl2 Swch
HISTORY Version:1 (rev.1) - 10 November 2015 Initial release Version:2 (rev.2) - 5 February 2016 Revised impacted software, impacted hardware products and resolution
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability with any HPE supported product, send Email to: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEcBAEBAgAGBQJWtRJOAAoJEGIGBBYqRO9/pWAIAKRQ3fJDht7qQ0V4UrprOMan N7KBj2Tt7DMqD8+xo4+pxqhJWE7077JKG83mELpvkGKG3t4kUVtc147aNUOOqk7T JvDoIN3JdvMI8bYZaNAPKeUR0bcODQ2eRvkzc1IBhvTlal9qMi13LuJMT369mUDc KobEP3qPUca1RDZOu6TMIzietJJVp+IkMcmtU7BW3chTGEOFW6n39MPzokqvI7PK QK038FTZpLtuN0Xhhfq8RmI3L1Ef33fLPoUnIy0dxGZW7hRfGw4Tu7jk7hU30DDp aC83KOH3uQ9t9XSFts1ln4F7OtGO7mWR0UKKWvuiHvRIErTyiv5OBmAb8mAzLyE= =+zEy -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0071",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "j8715b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9851a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j8992a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9540a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9825a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j8697a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9473a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9821a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9588a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9447a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9822a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9824a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j8698a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9866a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9850a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9638a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9532a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9586a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9452a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9587a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9264a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9533a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9573a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9448a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9472a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9539a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9823a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9826a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9475a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9471a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9585a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j8693a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9642a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "network switch software",
"scope": "lte",
"trust": 1.0,
"vendor": "hp",
"version": "15.18.0"
},
{
"model": "j8715a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9091a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9584a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9575a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9640a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9576a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9311a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9451a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9470a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9643a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9265a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j8700a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9639a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9574a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j8699a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9868a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j8692a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9310a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9263a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "j9641a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "hpe network switch software",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "15.16.x"
},
{
"model": "hpe network switch software",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "15.17.x"
},
{
"model": "j8692a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3500-24g-poe yl switch"
},
{
"model": "j8693a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3500-48g-poe yl switch"
},
{
"model": "j8697a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp e5406 zl switch chassis"
},
{
"model": "j8698a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp e5412 zl switch chassis"
},
{
"model": "j8699a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5406-48g zl switch"
},
{
"model": "j8700a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5412-96g zl switch"
},
{
"model": "j8715a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "procurve switch 8212zl base system"
},
{
"model": "j8715b",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp e8212 zl switch base system"
},
{
"model": "j8992a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 6200-24g-mgbic yl switch"
},
{
"model": "j9091a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "procurve switch 8212zl chassis and fan tray"
},
{
"model": "j9263a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp e6600-24g switch"
},
{
"model": "j9264a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 6600-24g-4xg switch"
},
{
"model": "j9265a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 6600-24xg switch"
},
{
"model": "j9310a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3500-24g-poe+ yl switch"
},
{
"model": "j9447a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5406-44g-poe+-4sfp zl switch"
},
{
"model": "j9448a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5412-92g-poe+-4sfp zl switch"
},
{
"model": "j9451a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp e6600-48g switch"
},
{
"model": "j9452a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 6600-48g-4xg switch"
},
{
"model": "j9470a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3500-24 switch"
},
{
"model": "j9471a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3500-24-poe switch"
},
{
"model": "j9472a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3500-48 switch"
},
{
"model": "j9473a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3500-48-poe switch"
},
{
"model": "j9475a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp e8206 zl switch base system"
},
{
"model": "j9532a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5412-92g-poe+-2xg v2 zl swch w pm sw"
},
{
"model": "j9533a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5406-44g-poe+-2xg v2 zl swch w pm sw"
},
{
"model": "j9539a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5406-44g-poe+-4g v2 zl swch w prm sw"
},
{
"model": "j9540a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5412-92g-poe+-4g v2 zl swch w prm sw"
},
{
"model": "j9573a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3800-24g-poe+-2sfp+ switch"
},
{
"model": "j9574a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3800-48g-poe+-4sfp+ switch"
},
{
"model": "j9575a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3800-24g-2sfp+ switch"
},
{
"model": "j9576a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3800-48g-4sfp+ switch"
},
{
"model": "j9584a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3800-24sfp-2sfp+ switch"
},
{
"model": "j9585a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3800-24g-2xg switch"
},
{
"model": "j9586a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3800-48g-4xg switch"
},
{
"model": "j9587a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3800-24g-poe+-2xg switch"
},
{
"model": "j9588a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 3800-48g-poe+-4xg switch"
},
{
"model": "j9638a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 8206-44g-poe+-2xg v2 zl swch w pm sw"
},
{
"model": "j9639a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 8212-92g-poe+-2xg v2 zl swch w pm sw"
},
{
"model": "j9640a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 8206 zl switch w/premium software"
},
{
"model": "j9641a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 8212 zl switch with premium sw"
},
{
"model": "j9642a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5406 zl switch with premium software"
},
{
"model": "j9643a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5412 zl switch with premium software"
},
{
"model": "j9821a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5406r zl2 switch"
},
{
"model": "j9822a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5412r zl2 switch"
},
{
"model": "j9823a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5406r-gig-t-poe+/sfp+ v2 zl2 swch"
},
{
"model": "j9824a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5406r-gig-t-poe+/sfp v2 zl2 swch"
},
{
"model": "j9825a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5412r-gig-t-poe+/sfp+ v2 zl2 swch"
},
{
"model": "j9826a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5412r-gig-t-poe+/sfp v2 zl2 swch"
},
{
"model": "j9850a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5406r zl2 switch"
},
{
"model": "j9851a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5412r zl2 switch"
},
{
"model": "j9866a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5406 8p10gt 8p10ge swch and psw"
},
{
"model": "j9868a",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "hp 5406r-8xgt/8sfp+ v2 zl2 swch"
},
{
"model": "hpe network switches",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "15.16.x"
},
{
"model": "hpe network switches",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "15.17.x"
},
{
"model": "network switch software",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "15.18.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00113"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006614"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-064"
},
{
"db": "NVD",
"id": "CVE-2015-6860"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:hp:network_switch_software",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j8692a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j8693a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j8697a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j8698a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j8699a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j8700a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j8715a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j8715b",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j8992a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9091a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9263a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9264a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9265a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9310a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9447a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9448a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9451a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9452a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9470a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9471a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9472a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9473a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9475a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9532a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9533a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9539a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9540a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9573a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9574a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9575a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9576a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9584a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9585a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9586a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9587a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9588a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9638a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9639a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9640a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9641a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9642a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9643a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9821a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9822a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9823a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9824a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9825a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9826a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9850a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9851a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9866a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:j9868a",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006614"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "BID",
"id": "79874"
},
{
"db": "PACKETSTORM",
"id": "134789"
},
{
"db": "PACKETSTORM",
"id": "136525"
},
{
"db": "PACKETSTORM",
"id": "135659"
}
],
"trust": 0.6
},
"cve": "CVE-2015-6860",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2015-6860",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-00113",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-84821",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.5,
"id": "CVE-2015-6860",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6860",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-6860",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-00113",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-064",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-84821",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00113"
},
{
"db": "VULHUB",
"id": "VHN-84821"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006614"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-064"
},
{
"db": "NVD",
"id": "CVE-2015-6860"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6859. HPENetworkSwitches is a network switch from HP. There are security vulnerabilities in HPENetworkSwitches15.16.x and 15.17.x versions. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n\na-c04920918\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04920918\nVersion: 2\n\nHPSBHF03431 rev.2 - HPE Network Switches, local Bypass of Security\nRestrictions, Indirect Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-12-11\nLast Updated: 2016-02-05\n\nPotential Security Impact: Bypass Security Restrictions, Indirect\nVulnerabilities\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HPE Network\nSwitches. \n\nNote: Versions 15.16.xxxx and 15.17.xxxx were incorrectly identified as\nvulnerable, the only affected versions are KB.15.18.0006 \u0026 KB.15.18.0007. \n\nReferences:\n\nPSRT102924\nCVE-2015-6859\nCVE-2015-6860\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nHPE Aruba Network Switches Firmware Version KB.15.18.0007\nHPE Aruba Network Switches Firmware Version KB.15.18.0006\n\nNote: see the resolution section for a list of impacted switch model numbers\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-6859 (AV:L/AC:L/Au:S/C:P/I:P/A:P) 4.3\nCVE-2015-6860 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHPE has made the following software update available to resolve the\nvulnerability. \n\nHPE Network Switch software KB.16.01.0004\n\nImpacted switch model numbers:\n\nJ9821A HP 5406R zl2 Switch\nJ9822A HP 5412R zl2 Switch\nJ9823A HP 5406R-Gig-T-PoE+/SFP+ v2 zl2 Swch\nJ9824A HP 5406R-Gig-T-PoE+/SFP v2 zl2 Swch\nJ9825A HP 5412R-Gig-T-PoE+/SFP+ v2 zl2 Swch\nJ9826A HP 5412R-Gig-T-PoE+/SFP v2 zl2 Swch\nJ9850A HP 5406R zl2 Switch\nJ9851A HP 5412R zl2 Switch\nJ9868A HP 5406R-8XGT/8SFP+ v2 zl2 Swch\n\nHISTORY\nVersion:1 (rev.1) - 10 November 2015 Initial release\nVersion:2 (rev.2) - 5 February 2016 Revised impacted software, impacted\nhardware products and resolution\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability with any HPE supported\nproduct, send Email to: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQEcBAEBAgAGBQJWtRJOAAoJEGIGBBYqRO9/pWAIAKRQ3fJDht7qQ0V4UrprOMan\nN7KBj2Tt7DMqD8+xo4+pxqhJWE7077JKG83mELpvkGKG3t4kUVtc147aNUOOqk7T\nJvDoIN3JdvMI8bYZaNAPKeUR0bcODQ2eRvkzc1IBhvTlal9qMi13LuJMT369mUDc\nKobEP3qPUca1RDZOu6TMIzietJJVp+IkMcmtU7BW3chTGEOFW6n39MPzokqvI7PK\nQK038FTZpLtuN0Xhhfq8RmI3L1Ef33fLPoUnIy0dxGZW7hRfGw4Tu7jk7hU30DDp\naC83KOH3uQ9t9XSFts1ln4F7OtGO7mWR0UKKWvuiHvRIErTyiv5OBmAb8mAzLyE=\n=+zEy\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6860"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006614"
},
{
"db": "CNVD",
"id": "CNVD-2016-00113"
},
{
"db": "BID",
"id": "79874"
},
{
"db": "VULHUB",
"id": "VHN-84821"
},
{
"db": "PACKETSTORM",
"id": "134789"
},
{
"db": "PACKETSTORM",
"id": "136525"
},
{
"db": "PACKETSTORM",
"id": "135659"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6860",
"trust": 3.7
},
{
"db": "SECTRACK",
"id": "1034410",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006614",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-064",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-00113",
"trust": 0.6
},
{
"db": "BID",
"id": "79874",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84821",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134789",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136525",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135659",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00113"
},
{
"db": "VULHUB",
"id": "VHN-84821"
},
{
"db": "BID",
"id": "79874"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006614"
},
{
"db": "PACKETSTORM",
"id": "134789"
},
{
"db": "PACKETSTORM",
"id": "136525"
},
{
"db": "PACKETSTORM",
"id": "135659"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-064"
},
{
"db": "NVD",
"id": "CVE-2015-6860"
}
]
},
"id": "VAR-201601-0071",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00113"
},
{
"db": "VULHUB",
"id": "VHN-84821"
}
],
"trust": 1.575
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00113"
}
]
},
"last_update_date": "2025-04-13T23:35:05.770000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBHF03431",
"trust": 0.8,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04920918"
},
{
"title": "HPENetworkSwitches Local Security Bypass Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/69693"
},
{
"title": "HPE Network Switches Fixes for permission permissions and access control vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59460"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00113"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006614"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-064"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84821"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006614"
},
{
"db": "NVD",
"id": "CVE-2015-6860"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.5,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04920918"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04920918"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034410"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6860"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6860"
},
{
"trust": 0.3,
"url": "https://www.hpe.com/emea_europe/en/networking/switches.html"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6859"
},
{
"trust": 0.3,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6860"
},
{
"trust": 0.3,
"url": "http://www.hpe.com/support/subscriber_choice"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00113"
},
{
"db": "VULHUB",
"id": "VHN-84821"
},
{
"db": "BID",
"id": "79874"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006614"
},
{
"db": "PACKETSTORM",
"id": "134789"
},
{
"db": "PACKETSTORM",
"id": "136525"
},
{
"db": "PACKETSTORM",
"id": "135659"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-064"
},
{
"db": "NVD",
"id": "CVE-2015-6860"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-00113"
},
{
"db": "VULHUB",
"id": "VHN-84821"
},
{
"db": "BID",
"id": "79874"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006614"
},
{
"db": "PACKETSTORM",
"id": "134789"
},
{
"db": "PACKETSTORM",
"id": "136525"
},
{
"db": "PACKETSTORM",
"id": "135659"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-064"
},
{
"db": "NVD",
"id": "CVE-2015-6860"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00113"
},
{
"date": "2016-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-84821"
},
{
"date": "2015-12-11T00:00:00",
"db": "BID",
"id": "79874"
},
{
"date": "2016-01-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006614"
},
{
"date": "2015-12-14T16:42:15",
"db": "PACKETSTORM",
"id": "134789"
},
{
"date": "2016-04-04T16:45:38",
"db": "PACKETSTORM",
"id": "136525"
},
{
"date": "2016-02-08T18:22:00",
"db": "PACKETSTORM",
"id": "135659"
},
{
"date": "2016-01-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-064"
},
{
"date": "2016-01-05T11:59:06.520000",
"db": "NVD",
"id": "CVE-2015-6860"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00113"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-84821"
},
{
"date": "2016-07-05T22:02:00",
"db": "BID",
"id": "79874"
},
{
"date": "2016-01-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006614"
},
{
"date": "2016-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-064"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-6860"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "79874"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-064"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural HPE Network Switch Vulnerabilities that prevent access restrictions in other software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006614"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-064"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…