Strix
26.1K

CVE-2015-0691

UnknownEPSS 3.07%

Last modified

CVE-2015-0691 is a vulnerability of currently unknown severity. A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001.. EPSS estimates a 3.07% chance of exploitation in the next 30 days.

Description

A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001.

Metrics

EPSS Probability
3.07%

86.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoSecure Desktop3.0_base
CiscoSecure Desktop3.1.0.31
CiscoSecure Desktop3.1.1
CiscoSecure Desktop3.1.1.45
CiscoSecure Desktop3.1_base
CiscoSecure Desktop3.2.0.136
CiscoSecure Desktop3.2.1.103
CiscoSecure Desktop3.2.1.126
CiscoSecure Desktop3.2_base
CiscoSecure Desktop3.3.0.118
CiscoSecure Desktop3.3.0.151
CiscoSecure Desktop3.3_base
CiscoSecure Desktop3.4.0373
CiscoSecure Desktop3.4.1108
CiscoSecure Desktop3.4.2048
CiscoSecure Desktop3.4_base
CiscoSecure Desktop3.5.841
CiscoSecure Desktop3.5.1077
CiscoSecure Desktop3.5.2001
CiscoSecure Desktop3.5.2003
CiscoSecure Desktop3.5.2008
CiscoSecure Desktop3.5_base
CiscoSecure Desktop3.6.181
CiscoSecure Desktop3.6.185
CiscoSecure Desktop3.6.1001
CiscoSecure Desktop3.6.2002
CiscoSecure Desktop3.6.3002
CiscoSecure Desktop3.6.4021
CiscoSecure Desktop3.6.5005
CiscoSecure Desktop3.6.6020
CiscoSecure Desktop3.6.6104
CiscoSecure Desktop3.6.6203
CiscoSecure Desktop3.6.6210
CiscoSecure Desktop3.6.6228
CiscoSecure Desktop3.6.6234
CiscoSecure Desktop3.6.6249
CiscoSecure Desktop3.6_base

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2015-0691?
A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001.
How severe is CVE-2015-0691?
Severity scoring for CVE-2015-0691 is pending analysis. The EPSS model estimates a 3.07% probability of exploitation in the next 30 days.
How do I fix CVE-2015-0691?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2015-0691?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST