National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2015-6928

Change History

Modified Analysis - 9/29/2015 3:08:42 PM

Action Type Old Value New Value
Changed Reference Type
http://packetstormsecurity.com/files/133535/CubeCart-6.0.6-Administrative-Bypass.html No Types Assigned
http://packetstormsecurity.com/files/133535/CubeCart-6.0.6-Administrative-Bypass.html Exploit
Changed Reference Type
http://seclists.org/fulldisclosure/2015/Sep/40 No Types Assigned
http://seclists.org/fulldisclosure/2015/Sep/40 Exploit
Changed Reference Type
https://forums.cubecart.com/topic/50277-critical-security-issue-admin-account-hijack/ No Types Assigned
https://forums.cubecart.com/topic/50277-critical-security-issue-admin-account-hijack/ Advisory, Patch
Added CWE
CWE-284
Added CVSS V2
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Added CPE Configuration
Configuration 1
     OR
          *cpe:2.3:a:cubecart:cubecart:5.2.12:*:*:*:*:*:*:*
          *cpe:2.3:a:cubecart:cubecart:5.2.13:*:*:*:*:*:*:*
          *cpe:2.3:a:cubecart:cubecart:5.2.14:*:*:*:*:*:*:*
          *cpe:2.3:a:cubecart:cubecart:5.2.15:*:*:*:*:*:*:*
          *cpe:2.3:a:cubecart:cubecart:6.0.0:*:*:*:*:*:*:*
          *cpe:2.3:a:cubecart:cubecart:6.0.1:*:*:*:*:*:*:*
          *cpe:2.3:a:cubecart:cubecart:6.0.2:*:*:*:*:*:*:*
          *cpe:2.3:a:cubecart:cubecart:6.0.3:*:*:*:*:*:*:*
          *cpe:2.3:a:cubecart:cubecart:6.0.4:*:*:*:*:*:*:*
          *cpe:2.3:a:cubecart:cubecart:6.0.5:*:*:*:*:*:*:*
          *cpe:2.3:a:cubecart:cubecart:6.0.6:*:*:*:*:*:*:*