{"api_version":"1","generated_at":"2026-07-07T07:58:57+00:00","cve":"CVE-2015-0755","urls":{"html":"https://cve.report/CVE-2015-0755","api":"https://cve.report/api/cve/CVE-2015-0755.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2015-0755","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2015-0755"},"summary":{"title":"CVE-2015-0755","description":"The Posture module for Cisco Identity Services Engine (ISE), as distributed in Cisco AnyConnect Secure Mobility Client 4.0(64), allows local users to gain privileges via unspecified commands, aka Bug ID CSCut05797.","state":"PUBLISHED","assigner":"cisco","published_at":"2015-05-29 15:59:09","updated_at":"2026-05-06 22:30:45"},"problem_types":["CWE-284","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"6.8","severity":"","vector":"AV:L/AC:L/Au:S/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:C/I:C/A:C","baseScore":6.8,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.securitytracker.com/id/1032424","name":"http://www.securitytracker.com/id/1032424","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"Cisco Identity Services Engine Access Control Flaw in Posture Module Lets Local Users Gain Elevated Privileges - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://tools.cisco.com/security/center/viewAlert.x?alertId=39018","name":"http://tools.cisco.com/security/center/viewAlert.x?alertId=39018","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Cisco Identity Services Engine Privilege Escalation Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2015-0755","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-0755","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2015","cve_id":"755","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"anyconnect_secure_mobility_client","cpe6":"4.0\\(64\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T04:17:32.824Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"1032424","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id/1032424"},{"name":"20150527 Cisco Identity Services Engine Privilege Escalation Vulnerability","tags":["vendor-advisory","x_refsource_CISCO","x_transferred"],"url":"http://tools.cisco.com/security/center/viewAlert.x?alertId=39018"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2015-05-27T00:00:00.000Z","descriptions":[{"lang":"en","value":"The Posture module for Cisco Identity Services Engine (ISE), as distributed in Cisco AnyConnect Secure Mobility Client 4.0(64), allows local users to gain privileges via unspecified commands, aka Bug ID CSCut05797."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2016-12-29T18:57:01.000Z","orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco"},"references":[{"name":"1032424","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id/1032424"},{"name":"20150527 Cisco Identity Services Engine Privilege Escalation Vulnerability","tags":["vendor-advisory","x_refsource_CISCO"],"url":"http://tools.cisco.com/security/center/viewAlert.x?alertId=39018"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@cisco.com","ID":"CVE-2015-0755","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Posture module for Cisco Identity Services Engine (ISE), as distributed in Cisco AnyConnect Secure Mobility Client 4.0(64), allows local users to gain privileges via unspecified commands, aka Bug ID CSCut05797."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"1032424","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1032424"},{"name":"20150527 Cisco Identity Services Engine Privilege Escalation Vulnerability","refsource":"CISCO","url":"http://tools.cisco.com/security/center/viewAlert.x?alertId=39018"}]}}}},"cveMetadata":{"assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","assignerShortName":"cisco","cveId":"CVE-2015-0755","datePublished":"2015-05-29T15:00:00.000Z","dateReserved":"2015-01-07T00:00:00.000Z","dateUpdated":"2024-08-06T04:17:32.824Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2015-05-29 15:59:09","lastModifiedDate":"2026-05-06 22:30:45","problem_types":["CWE-284","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:C/I:C/A:C","baseScore":6.8,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.1,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0\\(64\\):*:*:*:*:*:*:*","matchCriteriaId":"9EC1592B-04DE-4FBB-88EF-7AFADEE75624"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2015","CveId":"755","Ordinal":"1","Title":"CVE-2015-0755","CVE":"CVE-2015-0755","Year":"2015"},"notes":[{"CveYear":"2015","CveId":"755","Ordinal":"1","NoteData":"The Posture module for Cisco Identity Services Engine (ISE), as distributed in Cisco AnyConnect Secure Mobility Client 4.0(64), allows local users to gain privileges via unspecified commands, aka Bug ID CSCut05797.","Type":"Description","Title":"CVE-2015-0755"},{"CveYear":"2015","CveId":"755","Ordinal":"2","NoteData":"2015-05-29","Type":"Other","Title":"Published"},{"CveYear":"2015","CveId":"755","Ordinal":"3","NoteData":"2016-12-29","Type":"Other","Title":"Modified"}]}}}