CVE-2015-6839

Name: CVE-2015-6839
Creator: NVD / NIST
Published: 2017-10-23T18:29:00.837+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.40%

Last modified Jun 17, 2026

CVE-2015-6839 is a vulnerability of currently unknown severity. The parse function in MSA vot.Ar 3.1 does not check whether a candidate receives more than one vote, which allows physically proximate attackers to cast multiple votes for a candidate via a crafted RFID ballot tag.. EPSS estimates a 0.40% chance of exploitation in the next 30 days.

Description

The parse function in MSA vot.Ar 3.1 does not check whether a candidate receives more than one vote, which allows physically proximate attackers to cast multiple votes for a candidate via a crafted RFID ballot tag.

Metrics

EPSS Probability

0.40%

31.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions
Grupo Msa	Vot.Ar	3.1

References

https://docs.google.com/document/d/13t1jqu-Upj4SyjYBMj3OMshdy6rGBrnb1R3P-goz-cs/edit?pli=1Issue Tracking, Third Party Advisory
https://docs.google.com/document/d/1aH6kvoLR8O1qWOpEz89FAB2xFcBNB-QqHgZpXxg0vGE/preview?sle=true&pli=1Issue Tracking, Third Party Advisory
https://www.eleccionesciudad.gob.ar/uploads/resoluciones/Informe_05-BALOTAJE-2015-07-17.pdfIssue Tracking, Third Party Advisory
https://www.youtube.com/watch?v=CTOCspLn6ZkThird Party Advisory
https://docs.google.com/document/d/13t1jqu-Upj4SyjYBMj3OMshdy6rGBrnb1R3P-goz-cs/edit?pli=1Issue Tracking, Third Party Advisory
https://docs.google.com/document/d/1aH6kvoLR8O1qWOpEz89FAB2xFcBNB-QqHgZpXxg0vGE/preview?sle=true&pli=1Issue Tracking, Third Party Advisory
https://www.eleccionesciudad.gob.ar/uploads/resoluciones/Informe_05-BALOTAJE-2015-07-17.pdfIssue Tracking, Third Party Advisory
https://www.youtube.com/watch?v=CTOCspLn6ZkThird Party Advisory

Timeline

Published: Oct 23, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2015-6839?

How severe is CVE-2015-6839?

Severity scoring for CVE-2015-6839 is pending analysis. The EPSS model estimates a 0.40% probability of exploitation in the next 30 days.

How do I fix CVE-2015-6839?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2015-6839?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST