Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-6420

EPSS 19.35% · P95
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-6420

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Service Provider; Unified Computing; Voice and Unified Communications Devices; Video, Streaming, TelePresence, and Transcoding Devices; Wireless; and Cisco Hosted Services products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Cisco产品Apache Commons Collections库任意代码执行漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apache Commons Collections(ACC)是美国阿帕奇(Apache)软件基金会的一个Apache Commons项目的Commons Proper(可重复利用Java组件库)中的组件,它可以扩展或增加Java集合框架。 多款Cisco产品的ACC库中使用的Java反序列化过程中存在安全漏洞。远程攻击者可通过提交特制的输入利用该漏洞执行任意代码。以下产品及版本受到影响:Cisco Digital Life RMS 1.8.1.1版本,Broadband Access Center Te
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2015-6420

#POC DescriptionSource LinkShenlong Link
1Nonehttps://github.com/Leeziao/CVE-2015-6420POC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2015-6420

登录查看更多情报信息。

Same Patch Batch · n/a · 2015-12-15 · 23 CVEs total

CVE-2015-7498libxml2 缓冲区错误漏洞
CVE-2015-8572Autodesk Design Review 缓冲区溢出漏洞
CVE-2015-8571Autodesk Design Review 整数溢出漏洞
CVE-2015-8570Lepide Software Active Directory Self Service 权限许可和访问控制漏洞
CVE-2015-8377Cacti SQL注入漏洞
CVE-2015-8317libxml2 信息泄露漏洞
CVE-2015-8247Synnefo Internet Management Software 跨站脚本漏洞
CVE-2015-8242libxml2 信息泄露漏洞
CVE-2015-8241libxml2‘xmlNextChar’函数
CVE-2015-7500libxml2 缓冲区错误漏洞
CVE-2015-7499libxml2 缓冲区错误漏洞
CVE-2015-4206Cisco Unified Communications Manager 安全漏洞
CVE-2015-7497libxml2 缓冲区错误漏洞
CVE-2015-5312libxml2‘xmlStringLenDecodeEntities’函数资源管理错误漏洞
CVE-2015-8561Schneider Electric ProClima F1 Bookview 缓冲区溢出漏洞
CVE-2015-7918Schneider Electric ProClima F1BookView ActiveX控件缓冲区溢出漏洞
CVE-2015-6411Cisco FirePOWER Management Center Software 信息泄露漏洞
CVE-2015-6404Cisco Hosted Collaboration Mediation Fulfillment 信息泄露漏洞
CVE-2015-6403多款Cisco IP Phones产品任意文件上传漏洞
CVE-2015-6399Cisco Integrated Management Controller 资源管理错误漏洞

Showing top 20 of 23 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2015-6420

No comments yet

Leave a comment