CVE-2015-6237 – Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability

Posted by Specto on Oct 05

Document Title
================
Tripwire IP360 VnE Remote Administrative API Authentication
Bypass/Privilege Acquisition Vulnerability

Affected Products
===================
Vendor: Tripwire
Software/Appliance: IP360 VnE Vulnerability Manager
Affected (verified) versions: v7.2.2 -> v7.2.5

CVE
=====
CVE-2015-6237

CVSS
=======
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/RL:O/RC:C
Base Score: 10.0
Temporal Score: 9.5

Rating
=========
Critical…

Leave a Reply