CyberSec.Space Logo
返回 CVE 浏览器

CVE-2015-6298

CRITICAL
9.0
CVSS Severity Score
EPSS Score0.0930%
EPSS Percentile35.53th
Published2015年11月6日
Last Modified2026年5月6日

Vulnerability Description

The admin web interface in Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote authenticated users to obtain root privileges via crafted certificate-generation arguments, aka Bug ID CSCus83445.

Affected Platforms (CPE)

📦
Cisco

Web Security Appliance

= 8.5.0-497

References & Advisories

🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-wsa
🔗 http://www.securitytracker.com/id/1034059
🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-wsa
🔗 http://www.securitytracker.com/id/1034059

相关漏洞威胁

CVE-2016-92699.9

Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSV...

CVE-2020-285789.8

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote attacker to...

CVE-2020-86069.8

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on...

CVE-2020-84659.8

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updat...

CVE-2015-6298 Detail & Impact Analysis | CVSS 9.0 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space