CVE-2015-6296

Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has a default account, which allows local users to obtain root access by leveraging knowledge of the credentials, aka Bug ID CSCuw21825.

Published: Sep 19, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-6296
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
cisco / prime_network_registrar	8.2.3	8.2.3.x
cisco / prime_network_registrar	8.3.2	8.3.2.x
cisco / prime_network_registrar	8.1.3.3	8.1.3.3.x

http://tools.cisco.com/security/center/viewAlert.x?alertId=41041
http://www.securitytracker.com/id/1033613

Vulnerability Database

289,598

CVE-2015-6296