CVE-2015-0691 - Vulnerability Details

Vendors	Products
Cisco	Secure Desktop

Link	Providers
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd
http://www.securitytracker.com/id/1032140

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-04-15T00:00:00", "descriptions": [{"lang": "en", "value": "A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-30T16:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20150415 Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd"}, {"name": "1032140", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1032140"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2015-0691", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20150415 Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd"}, {"name": "1032140", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032140"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T04:17:32.570Z"}, "title": "CVE Program Container", "references": [{"name": "20150415 Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd"}, {"name": "1032140", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1032140"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2015-0691", "datePublished": "2015-04-17T01:00:00", "dateReserved": "2015-01-07T00:00:00", "dateUpdated": "2024-08-06T04:17:32.570Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2015-04-15T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2016-12-30T16:57:01 (string)

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

}

references : [ »

0 : { »

name : 20150415 Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd (string)

}

1 : { »

name : 1032140 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id/1032140 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@cisco.com (string)

ID : CVE-2015-0691 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 20150415 Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability (string)

refsource : CISCO (string)

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd (string)

}

1 : { »

name : 1032140 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id/1032140 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T04:17:32.570Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 20150415 Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

2 : x_transferred (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd (string)

}

1 : { »

name : 1032140 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id/1032140 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

assignerShortName : cisco (string)

cveId : CVE-2015-0691 (string)

datePublished : 2015-04-17T01:00:00 (string)

dateReserved : 2015-01-07T00:00:00 (string)

dateUpdated : 2024-08-06T04:17:32.570Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:secure_desktop:3.0_base:*:*:*:*:*:*:*", "matchCriteriaId": "BE4B1CD7-A62B-4B19-99B1-876A6F4813D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.1.0.31:*:*:*:*:*:*:*", "matchCriteriaId": "89CA2699-7B66-4BFA-A1B8-2708F12D5F0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7F2F8EA5-8DEF-48D0-9E7F-6047D4AECC5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.1.1.45:*:*:*:*:*:*:*", "matchCriteriaId": "21F5DFB0-21F4-45F7-B4AF-000B24DEA596", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.1_base:*:*:*:*:*:*:*", "matchCriteriaId": "66D3F03B-3B28-4A3C-900E-9B69BEBD5EE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.2.0.136:*:*:*:*:*:*:*", "matchCriteriaId": "6532A12D-93A9-4BF7-984A-9F683BD79253", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.2.1.103:*:*:*:*:*:*:*", "matchCriteriaId": "98A6CCB3-EE2A-4880-8C19-4227A16C8EB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.2.1.126:*:*:*:*:*:*:*", "matchCriteriaId": "30FA0F88-45CC-4AFA-864D-674BD0B98B9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.2_base:*:*:*:*:*:*:*", "matchCriteriaId": "A83EDA6C-CB7F-4E75-B8DD-4A68AAC4F1DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.3.0.118:*:*:*:*:*:*:*", "matchCriteriaId": "05C6754E-D07C-400E-91A1-1FF7D58FB6A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.3.0.151:*:*:*:*:*:*:*", "matchCriteriaId": "0153181F-53C9-453D-8FE9-2F6CD28C42D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.3_base:*:*:*:*:*:*:*", "matchCriteriaId": "63B62AD7-FA10-401A-A971-436F1A569DE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.4.0373:*:*:*:*:*:*:*", "matchCriteriaId": "8902AA77-A1DD-4574-9372-21966A5D9083", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.4.1108:*:*:*:*:*:*:*", "matchCriteriaId": "0A8A8E4A-980A-4451-BE99-548910BAB988", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.4.2048:*:*:*:*:*:*:*", "matchCriteriaId": "FE277431-4101-4C0F-91DB-A1C15C0344FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.4_base:*:*:*:*:*:*:*", "matchCriteriaId": "B7944946-5409-46D1-B0A7-45258381AB46", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.5.841:*:*:*:*:*:*:*", "matchCriteriaId": "85641AF5-7A5B-4146-9806-E055420DB3AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.5.1077:*:*:*:*:*:*:*", "matchCriteriaId": "7D5FC538-64F7-4F3D-9FAE-82D5015737DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.5.2001:*:*:*:*:*:*:*", "matchCriteriaId": "4F72D901-C62C-41A0-8D68-72CB9508E507", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.5.2003:*:*:*:*:*:*:*", "matchCriteriaId": "3D66E2FC-03B9-4DFA-9482-BEB324710850", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.5.2008:*:*:*:*:*:*:*", "matchCriteriaId": "D79AB614-C5B3-4116-B957-A42F6AD0DD6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.5_base:*:*:*:*:*:*:*", "matchCriteriaId": "E76EE9E1-9F27-4AA5-ADA4-BC412E19DE64", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.181:*:*:*:*:*:*:*", "matchCriteriaId": "A1A4F9A8-DB02-45A0-ABE4-08683C798CC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.185:*:*:*:*:*:*:*", "matchCriteriaId": "71AF8E5A-42C5-42CB-8890-6F00BC1C471A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.1001:*:*:*:*:*:*:*", "matchCriteriaId": "4CA7E7CD-E877-4868-B868-AF77F931F593", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.2002:*:*:*:*:*:*:*", "matchCriteriaId": "93F2063D-7955-4217-A13D-217ED25C5DAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.3002:*:*:*:*:*:*:*", "matchCriteriaId": "BA30F821-2963-4431-B25F-BB061CBCBE27", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.4021:*:*:*:*:*:*:*", "matchCriteriaId": "689D7A99-1CB3-4930-8A0B-466DDC718D6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.5005:*:*:*:*:*:*:*", "matchCriteriaId": "2D9C94C7-3E8A-4E3A-A88F-648F755D3C3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.6020:*:*:*:*:*:*:*", "matchCriteriaId": "E85C2E16-2FA7-4810-A79A-64DD0A45D8C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.6104:*:*:*:*:*:*:*", "matchCriteriaId": "7C34D6B4-540B-4A30-AB7D-6FB3890AF427", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.6203:*:*:*:*:*:*:*", "matchCriteriaId": "8DD98EEB-4457-4F10-A3E0-C11C38A30914", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.6210:*:*:*:*:*:*:*", "matchCriteriaId": "AA9319D8-95C9-47B2-9D9D-969B288E5C04", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.6228:*:*:*:*:*:*:*", "matchCriteriaId": "A6A0928D-BBE5-4AC0-AC8E-CAA121FB9B3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.6234:*:*:*:*:*:*:*", "matchCriteriaId": "156B35FE-BE52-490C-B9CA-C269C8013830", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.6249:*:*:*:*:*:*:*", "matchCriteriaId": "C95ECD0C-E1FE-46C2-A1C3-64CF36C6BF76", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6_base:*:*:*:*:*:*:*", "matchCriteriaId": "59E3328E-EAE8-474F-A9DA-B6D397EBC24B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001."}, {"lang": "es", "value": "Cierto fichero Cisco JAR, distribuido en Cache Cleaner en Cisco Secure Desktop (CSD), permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de un sitio web manipulado, tambi\u00e9n conocido como Bug ID CSCup83001."}], "id": "CVE-2015-0691", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2015-04-17T01:59:25.420", "references": [{"source": "psirt@cisco.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd"}, {"source": "psirt@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032140"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032140"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}, {"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.0_base:*:*:*:*:*:*:* (string)

matchCriteriaId : BE4B1CD7-A62B-4B19-99B1-876A6F4813D1 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.1.0.31:*:*:*:*:*:*:* (string)

matchCriteriaId : 89CA2699-7B66-4BFA-A1B8-2708F12D5F0C (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 7F2F8EA5-8DEF-48D0-9E7F-6047D4AECC5C (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.1.1.45:*:*:*:*:*:*:* (string)

matchCriteriaId : 21F5DFB0-21F4-45F7-B4AF-000B24DEA596 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.1_base:*:*:*:*:*:*:* (string)

matchCriteriaId : 66D3F03B-3B28-4A3C-900E-9B69BEBD5EE4 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.2.0.136:*:*:*:*:*:*:* (string)

matchCriteriaId : 6532A12D-93A9-4BF7-984A-9F683BD79253 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.2.1.103:*:*:*:*:*:*:* (string)

matchCriteriaId : 98A6CCB3-EE2A-4880-8C19-4227A16C8EB7 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.2.1.126:*:*:*:*:*:*:* (string)

matchCriteriaId : 30FA0F88-45CC-4AFA-864D-674BD0B98B9E (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.2_base:*:*:*:*:*:*:* (string)

matchCriteriaId : A83EDA6C-CB7F-4E75-B8DD-4A68AAC4F1DE (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.3.0.118:*:*:*:*:*:*:* (string)

matchCriteriaId : 05C6754E-D07C-400E-91A1-1FF7D58FB6A7 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.3.0.151:*:*:*:*:*:*:* (string)

matchCriteriaId : 0153181F-53C9-453D-8FE9-2F6CD28C42D4 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.3_base:*:*:*:*:*:*:* (string)

matchCriteriaId : 63B62AD7-FA10-401A-A971-436F1A569DE0 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.4.0373:*:*:*:*:*:*:* (string)

matchCriteriaId : 8902AA77-A1DD-4574-9372-21966A5D9083 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.4.1108:*:*:*:*:*:*:* (string)

matchCriteriaId : 0A8A8E4A-980A-4451-BE99-548910BAB988 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.4.2048:*:*:*:*:*:*:* (string)

matchCriteriaId : FE277431-4101-4C0F-91DB-A1C15C0344FF (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.4_base:*:*:*:*:*:*:* (string)

matchCriteriaId : B7944946-5409-46D1-B0A7-45258381AB46 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.5.841:*:*:*:*:*:*:* (string)

matchCriteriaId : 85641AF5-7A5B-4146-9806-E055420DB3AD (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.5.1077:*:*:*:*:*:*:* (string)

matchCriteriaId : 7D5FC538-64F7-4F3D-9FAE-82D5015737DE (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.5.2001:*:*:*:*:*:*:* (string)

matchCriteriaId : 4F72D901-C62C-41A0-8D68-72CB9508E507 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.5.2003:*:*:*:*:*:*:* (string)

matchCriteriaId : 3D66E2FC-03B9-4DFA-9482-BEB324710850 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.5.2008:*:*:*:*:*:*:* (string)

matchCriteriaId : D79AB614-C5B3-4116-B957-A42F6AD0DD6F (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.5_base:*:*:*:*:*:*:* (string)

matchCriteriaId : E76EE9E1-9F27-4AA5-ADA4-BC412E19DE64 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.6.181:*:*:*:*:*:*:* (string)

matchCriteriaId : A1A4F9A8-DB02-45A0-ABE4-08683C798CC3 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.6.185:*:*:*:*:*:*:* (string)

matchCriteriaId : 71AF8E5A-42C5-42CB-8890-6F00BC1C471A (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.6.1001:*:*:*:*:*:*:* (string)

matchCriteriaId : 4CA7E7CD-E877-4868-B868-AF77F931F593 (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.6.2002:*:*:*:*:*:*:* (string)

matchCriteriaId : 93F2063D-7955-4217-A13D-217ED25C5DAE (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.6.3002:*:*:*:*:*:*:* (string)

matchCriteriaId : BA30F821-2963-4431-B25F-BB061CBCBE27 (string)

vulnerable : true (boolean)

}

27 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.6.4021:*:*:*:*:*:*:* (string)

matchCriteriaId : 689D7A99-1CB3-4930-8A0B-466DDC718D6D (string)

vulnerable : true (boolean)

}

28 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.6.5005:*:*:*:*:*:*:* (string)

matchCriteriaId : 2D9C94C7-3E8A-4E3A-A88F-648F755D3C3A (string)

vulnerable : true (boolean)

}

29 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.6.6020:*:*:*:*:*:*:* (string)

matchCriteriaId : E85C2E16-2FA7-4810-A79A-64DD0A45D8C3 (string)

vulnerable : true (boolean)

}

30 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.6.6104:*:*:*:*:*:*:* (string)

matchCriteriaId : 7C34D6B4-540B-4A30-AB7D-6FB3890AF427 (string)

vulnerable : true (boolean)

}

31 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.6.6203:*:*:*:*:*:*:* (string)

matchCriteriaId : 8DD98EEB-4457-4F10-A3E0-C11C38A30914 (string)

vulnerable : true (boolean)

}

32 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.6.6210:*:*:*:*:*:*:* (string)

matchCriteriaId : AA9319D8-95C9-47B2-9D9D-969B288E5C04 (string)

vulnerable : true (boolean)

}

33 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.6.6228:*:*:*:*:*:*:* (string)

matchCriteriaId : A6A0928D-BBE5-4AC0-AC8E-CAA121FB9B3D (string)

vulnerable : true (boolean)

}

34 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.6.6234:*:*:*:*:*:*:* (string)

matchCriteriaId : 156B35FE-BE52-490C-B9CA-C269C8013830 (string)

vulnerable : true (boolean)

}

35 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.6.6249:*:*:*:*:*:*:* (string)

matchCriteriaId : C95ECD0C-E1FE-46C2-A1C3-64CF36C6BF76 (string)

vulnerable : true (boolean)

}

36 : { »

criteria : cpe:2.3:a:cisco:secure_desktop:3.6_base:*:*:*:*:*:*:* (string)

matchCriteriaId : 59E3328E-EAE8-474F-A9DA-B6D397EBC24B (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001. (string)

}

1 : { »

lang : es (string)

value : Cierto fichero Cisco JAR, distribuido en Cache Cleaner en Cisco Secure Desktop (CSD), permite a atacantes remotos ejecutar comandos arbitrarios a través de un sitio web manipulado, también conocido como Bug ID CSCup83001. (string)

}

]

id : CVE-2015-0691 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 9.3 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : COMPLETE (string)

vectorString : AV:N/AC:M/Au:N/C:C/I:C/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 10 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

}

published : 2015-04-17T01:59:25.420 (string)

references : [ »

0 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Mitigation (string)

1 : Vendor Advisory (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd (string)

}

1 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securitytracker.com/id/1032140 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mitigation (string)

1 : Vendor Advisory (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securitytracker.com/id/1032140 (string)

}

]

sourceIdentifier : psirt@cisco.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-78 (string)

}

1 : { »

lang : en (string)

value : CWE-264 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object