Vulnerability Change Records for CVE-2015-6510

Change History

CPE Deprecation Remap 5/30/2019 10:57:55 AM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:a:pfsense:pfsense:*:*:*:*:*:*:*:* versions from (including) 2.2.2
OR
     *cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:* versions from (including) 2.2.2

Modified Analysis 8/19/2015 7:9:26 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
Configuration 1
     OR
          *cpe:2.3:a:pfsense:pfsense:2.2.2:*:*:*:*:*:*:* (and previous)
Added CVSS V2

								
							
							
						
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Added CWE

								
							
							
						
CWE-79
Changed Reference Type
https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc No Types Assigned
https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc Advisory

Initial CVE Analysis 8/19/2015 1:42:49 PM

Action Type Old Value New Value

CVE Translated 8/27/2015 12:45:07 PM

Action Type Old Value New Value
Added Translation

								
							
							
						
Vulnerabilidad de XSS múltiple en pfSense en versiones anteriores a 2.2.3, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro (1) srctrack, (2) use_mfs_tmp_size o (3) use_mfs_var_size a system_advanced_misc.php; del parámetro (4) port, (5) snaplen o (6) count a diag_packet_capture.php; del parámetro (7) pppoe_resethour, (8) pppoe_resetminute, (9) wpa_group_rekey o (10) wpa_gmk_rekey a interfaces.php; del parámetro (11) pppoe_resethour o (12) pppoe_resetminute a interfaces_ppps_edit.php; del parámetro (13) member[] a interfaces_qinq_edit.php; del parámetro (14) port o (15) retry a load_balancer_pool_edit.php; del parámetro (16) pkgrepourl a pkg_mgr_settings.php; del parámetro (17) zone a services_captiveportal.php; del parámetro port a (18) services_dnsmasq.php o (19) services_unbound.php; del parámetro (20) cache_max_ttl o (21) cache_min_ttl a services_unbound_advanced.php; del parámetro (22) sshport a system_advanced_a dmin.php; del parámetro (23) id, (24) tunable, (25) descr, o (26) value a system_advanced_sysctl.php; del parámetro (27) firmwareurl, (28) repositoryurl, o (29) branch a system_firmware_settings.php; del parámetro (30) pfsyncpeerip, (31) synchronizetoip, (32) username o (33) passwordfld a system_hasync.php; del parámetro (34) maxmss a vpn_ipsec_settings.php; del parámetro (35) ntp_server1, (36) ntp_server2, (37) wins_server1, o (38) wins_server2 a vpn_openvpn_csc.php; o parámetros no especificados a (39) load_balancer_relay_action.php, (40) load_balancer_relay_action_edit.php, (41) load_balancer_relay_protocol.php o (42) load_balancer_relay_protocol_edit.php.
Removed Translation
Múltiples vulnerabilidades de XSS en pfSense en versiones anteriores a 2.2.3, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro (1) srctrack, (2) use_mfs_tmp_size o (3) use_mfs_var_size a system_advanced_misc.php; del parámetro (4) port, (5) snaplen o (6) count a diag_packet_capture.php; del parámetro (7) pppoe_resethour, (8) pppoe_resetminute, (9) wpa_group_rekey o (10) wpa_gmk_rekey a interfaces.php; del parámetro (11) pppoe_resethour o (12) pppoe_resetminute a interfaces_ppps_edit.php; del parámetro (13) member[] a interfaces_qinq_edit.php; del parámetro (14) port o (15) retry a load_balancer_pool_edit.php; del parámetro (16) pkgrepourl a pkg_mgr_settings.php; del parámetro (17) zone a services_captiveportal.php; del parámetro port a (18) services_dnsmasq.php o (19) services_unbound.php; del parámetro (20) cache_max_ttl o (21) cache_min_ttl a services_unbound_advanced.php; del parámetro (22) sshport a system_advanced_a dmin.php; del parámetro (23) id, (24) tunable, (25) descr, o (26) value a system_advanced_sysctl.php; del parámetro (27) firmwareurl, (28) repositoryurl, o (29) branch a system_firmware_settings.php; del parámetro (30) pfsyncpeerip, (31) synchronizetoip, (32) username o (33) passwordfld a system_hasync.php; del parámetro (34) maxmss a vpn_ipsec_settings.php; del parámetro (35) ntp_server1, (36) ntp_server2, (37) wins_server1, o (38) wins_server2 a vpn_openvpn_csc.php; o parámetros no especificados a (39) load_balancer_relay_action.php, (40) load_balancer_relay_action_edit.php, (41) load_balancer_relay_protocol.php o (42) load_balancer_relay_protocol_edit.php.