CVE-2014-0659

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140110-sbd", "name": "20140110 Undocumented Test Interface in Cisco Small Business Devices", "tags": ["Vendor Advisory"], "refsource": "CISCO"}, {"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32381", "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32381", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securitytracker.com/id/1029579", "name": "1029579", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "SECTRACK"}, {"url": "http://www.securitytracker.com/id/1029580", "name": "1029580", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/56292", "name": "56292", "tags": [], "refsource": "SECUNIA"}, {"url": "https://github.com/elvanderb/TCP-32764", "name": "https://github.com/elvanderb/TCP-32764", "tags": ["Patch", "Issue Tracking"], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/64776", "name": "64776", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90233", "name": "cisco-small-cve20140659-priv-esc(90233)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-78"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2014-0659", "ASSIGNER": "psirt@cisco.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-01-12T18:34Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:cisco:rvs4000_firmware:2.0.2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:rvs4000_firmware:2.0.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:rvs4000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.0.3.2"}, {"cpe23Uri": "cpe:2.3:o:cisco:rvs4000_firmware:1.3.3.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:rvs4000_firmware:1.3.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:rvs4000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:cisco:wrvs4400n_firmware:2.0.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:wrvs4400n_firmware:2.0.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:wrvs4400n_firmware:1.1.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:wrvs4400n_firmware:1.1.03:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:wrvs4400n:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:cisco:wap4410n_firmware:2.0.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:wap4410n_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.0.6.1"}, {"cpe23Uri": "cpe:2.3:o:cisco:wap4410n_firmware:2.0.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:wap4410n_firmware:2.0.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:wap4410n:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-29T01:34Z"}