Vulnerability Details CVE-2015-4307
The web framework in Cisco Prime Collaboration Provisioning before 11.0 allows remote authenticated users to bypass intended access restrictions and create administrative accounts via a crafted URL, aka Bug ID CSCut64111.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.6%
CVSS Severity
CVSS v2 Score 9.0
References
Products affected by CVE-2015-4307
-
cpe:2.3:a:cisco:prime_collaboration_provisioning:10.0.0
-
cpe:2.3:a:cisco:prime_collaboration_provisioning:10.5.0
-
cpe:2.3:a:cisco:prime_collaboration_provisioning:10.5.1
-
cpe:2.3:a:cisco:prime_collaboration_provisioning:10.6.0
-
cpe:2.3:a:cisco:prime_collaboration_provisioning:9.0.0
-
cpe:2.3:a:cisco:prime_collaboration_provisioning:9.5.0