{"containers": {"cna": {"affected": [{"product": "Palo Alto Networks Zingbox Inspector", "vendor": "n/a", "versions": [{"status": "affected", "version": "Zingbox Inspector, versions 1.294 and earlier."}]}], "descriptions": [{"lang": "en", "value": "In the Zingbox Inspector, versions 1.294 and earlier, hardcoded credentials for root and inspector user accounts are present in the system software, which can result in unauthorized users gaining access to the system."}], "problemTypes": [{"descriptions": [{"description": "Use of Hard-coded Credentials", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-02-17T16:03:47", "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://security.paloaltonetworks.com/CVE-2019-15015"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@paloaltonetworks.com", "ID": "CVE-2019-15015", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Palo Alto Networks Zingbox Inspector", "version": {"version_data": [{"version_value": "Zingbox Inspector, versions 1.294 and earlier."}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In the Zingbox Inspector, versions 1.294 and earlier, hardcoded credentials for root and inspector user accounts are present in the system software, which can result in unauthorized users gaining access to the system."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use of Hard-coded Credentials"}]}]}, "references": {"reference_data": [{"name": "https://security.paloaltonetworks.com/CVE-2019-15015", "refsource": "MISC", "url": "https://security.paloaltonetworks.com/CVE-2019-15015"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T00:34:52.975Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://security.paloaltonetworks.com/CVE-2019-15015"}]}]}, "cveMetadata": {"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "cveId": "CVE-2019-15015", "datePublished": "2019-10-09T20:20:28", "dateReserved": "2019-08-13T00:00:00", "dateUpdated": "2024-08-05T00:34:52.975Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zingbox:inspector:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B80B554-4953-4738-8DBE-AD1BAC6C7254", "versionEndIncluding": "1.294", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Zingbox Inspector, versions 1.294 and earlier, hardcoded credentials for root and inspector user accounts are present in the system software, which can result in unauthorized users gaining access to the system."}, {"lang": "es", "value": "En Zingbox Inspector, versiones 1.294 y anteriores, las credenciales embebidas para las cuentas de usuario root e inspector est\u00e1n presentes en el software del sistema, lo que puede resultar en que usuarios no autorizados consigan acceso al sistema."}], "id": "CVE-2019-15015", "lastModified": "2024-11-21T04:27:52.657", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-10-09T21:15:12.680", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Third Party Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2019-15015"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2019-15015"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}