CVE-2015-6296

EUVD-2015-6238
Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has a default account, which allows local users to obtain root access by leveraging knowledge of the credentials, aka Bug ID CSCuw21825.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 25%
Affected Products (NVD)
VendorProductVersion
ciscoprime_network_registrar
8.1.3.3
ciscoprime_network_registrar
8.2.3
ciscoprime_network_registrar
8.3.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=41041
http://www.securitytracker.com/id/1033613
http://tools.cisco.com/security/center/viewAlert.x?alertId=41041
http://www.securitytracker.com/id/1033613