CVE-2015-7269

MEDIUM Year: 2015
CVSS v3 Score
4.2
Medium
CVSS v2 Score
1.9
Low
Weakness Type
CWE-254
View all →

Vulnerability Description

Seagate ST500LT015 hard disk drives, when operating in eDrive mode on Lenovo ThinkPad W541 laptops with BIOS 2.21, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by attaching a second SATA connector to exposed pins, maintaining an alternate power source, and attaching the data cable to another machine, aka a "Hot Unplug Attack."

Related Vulnerabilities

CVE-2015-0233

MEDIUM
CVSS:4.2(Medium)

Multiple insecure Temporary File vulnerabilities in 389 Administration Server before 1.1.38.

CWE-2542015

CVE-2015-7267

MEDIUM
CVSS:4.2(Medium)

Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS ...

CWE-2542015

CVE-2015-7268

MEDIUM
CVSS:4.2(Medium)

Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and operating in Opal mode on Lenovo ThinkPad T440s laptops with BIOS 2.32 or ...

CWE-2542015

CVE-2015-5331

MEDIUM
CVSS:4.3(Medium)

Moodle 2.9.x before 2.9.3 does not properly check the contact list before authorizing message transmission, which allows remote authenticated users to bypass intended access restrictions and conduct s...

CWE-2542015

CVE-2015-7976

MEDIUM
CVSS:4.3(Medium)

The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a cr...

CWE-2542015

CVE-2016-10148

MEDIUM
CVSS:4.3(Medium)

The wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 makes a get_plugin_data call before checking the update_plugins capability, which allows remote authent...

CWE-2542016