CVE-2015-4287

{"id": "CVE-2015-4287", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-07-29T01:59:05.920", "references": [{"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40136", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Cisco Firepower Extensible Operating System 1.1(1.86) on Firepower 9000 devices allows remote attackers to bypass intended access restrictions and obtain sensitive device information by visiting an unspecified web page, aka Bug ID CSCuu82230."}, {"lang": "es", "value": "Vulnerabilidad en Cisco Firepower Extensible Operating System 1.1(1.86) en dispositivos Firepower 9000, permite a atacantes remotos evadir la restricci\u00f3n destinada al acceso y obtener informaci\u00f3n sensible del dispositivo visitando una p\u00e1gina web no especificada, tambi\u00e9n conocida como Bug ID CSCuu82230."}], "lastModified": "2015-07-29T17:05:41.703", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1\\(1.86\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DCF5F07-33A1-48B3-B20A-FA6C13FDD469"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}