CVE-2015-6364

{"id": "CVE-2015-6364", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-11-14T03:59:01.723", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1034159", "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960."}, {"lang": "es", "value": "Cisco Content Delivery System Manager Software 3.2 en Videoscape Distribution Suite Service Manager permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de URLs manipuladas en peticiones API REST, tambi\u00e9n conocido como Bug ID CSCuv86960."}], "lastModified": "2016-12-07T18:19:53.520", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_service_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC7F4DE1-3EB9-4DF6-92EA-F82E8350F481", "versionEndIncluding": "3.2.0"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}