CVE-2015-6019 - OpenCVE

The management portal on ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 does not terminate sessions upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Zyxel	Pmg5318-b20a Firmware

Configuration 1 [-]

cpe:2.3:o:zyxel:pmg5318-b20a_firmware:v100aanc0b5:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securitytracker.com/id/1034553
https://www.kb.cert.org/vuls/id/870744
https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R

History

No history.

MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2015-12-31T02:00:00

Updated: 2024-08-06T07:06:34.982Z

Reserved: 2015-08-14T00:00:00

Link: CVE-2015-6019

Vulnrichment

No data.

NVD

Status : Modified

Published: 2015-12-31T05:59:17.727

Modified: 2016-12-07T18:17:42.343

Link: CVE-2015-6019

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-10-13T00:00:00", "descriptions": [{"lang": "en", "value": "The management portal on ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 does not terminate sessions upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-05T14:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "1034553", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1034553"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R"}, {"name": "VU#870744", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "https://www.kb.cert.org/vuls/id/870744"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2015-6019", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The management portal on ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 does not terminate sessions upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1034553", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034553"}, {"name": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R", "refsource": "CONFIRM", "url": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R"}, {"name": "VU#870744", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/870744"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:06:34.982Z"}, "title": "CVE Program Container", "references": [{"name": "1034553", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1034553"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R"}, {"name": "VU#870744", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "https://www.kb.cert.org/vuls/id/870744"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2015-6019", "datePublished": "2015-12-31T02:00:00", "dateReserved": "2015-08-14T00:00:00", "dateUpdated": "2024-08-06T07:06:34.982Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:pmg5318-b20a_firmware:v100aanc0b5:*:*:*:*:*:*:*", "matchCriteriaId": "B2128415-3791-4EFC-8ED0-E31BBEBDFADF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The management portal on ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 does not terminate sessions upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation."}, {"lang": "es", "value": "El portal de gesti\u00f3n en dispositivos ZyXEL PMG5318-B20A con firmware 1.00AANC0b5 no finaliza sesi\u00f3n sobre una acci\u00f3n de cierre de sesi\u00f3n, lo que permite a atacantes remotos eludir las restricciones destinadas al acceso aprovechando una estaci\u00f3n de trabajo sin supervisi\u00f3n."}], "evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/330.html\">CWE-330: Use of Insufficiently Random Values</a>", "id": "CVE-2015-6019", "lastModified": "2016-12-07T18:17:42.343", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.1, "impactScore": 4.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2015-12-31T05:59:17.727", "references": [{"source": "cret@cert.org", "url": "http://www.securitytracker.com/id/1034553"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.kb.cert.org/vuls/id/870744"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}