CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-4304

The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended access restrictions, and create administrative accounts or read data from arbitrary tenant domains, via a crafted URL, aka Bug IDs CSCus62671 and CSCus62652.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.4%

CVSS Severity

CVSS v2 Score 9.0

References

Products affected by CVE-2015-4304

Cisco » Prime Collaboration Assurance » Version: 10.0.0

cpe:2.3:a:cisco:prime_collaboration_assurance:10.0.0
Cisco » Prime Collaboration Assurance » Version: 10.5.0

cpe:2.3:a:cisco:prime_collaboration_assurance:10.5.0
Cisco » Prime Collaboration Assurance » Version: 10.5.1

cpe:2.3:a:cisco:prime_collaboration_assurance:10.5.1
Cisco » Prime Collaboration Assurance » Version: 10.6.0

cpe:2.3:a:cisco:prime_collaboration_assurance:10.6.0
Cisco » Prime Collaboration Assurance » Version: 9.0.0

cpe:2.3:a:cisco:prime_collaboration_assurance:9.0.0
Cisco » Prime Collaboration Assurance » Version: 9.5.0

cpe:2.3:a:cisco:prime_collaboration_assurance:9.5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-4304

Products

Pricing

Contact Us