Lucene search
HistoryDec 12, 2015 - 11:59 a.m.
CVE-2015-6395
cve-2015-6395
cisco
prime service catalog
bug id cscuw48188
access restriction
remote attack
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
54.6%
Cisco Prime Service Catalog 10.0, 10.0(R2), 10.1, and 11.0 does not properly restrict access to web pages, which allows remote attackers to modify the configuration via a direct request, aka Bug ID CSCuw48188.
Affected configurations
Node
ciscoprime_service_catalogMatch10.0\(r2\)_base
ORciscoprime_service_catalogMatch10.0_base
ORciscoprime_service_catalogMatch10.1_base
ORciscoprime_service_catalogMatch11.0_base
Related
cisco
cisco
Cisco Prime Service Catalog Web Interface Unauthorized Access Vulnerability
2015-12-07 17:10:00
cvelist
cvelist
CVE-2015-6395
2015-12-12 11:00:00
nvd
nvd
CVE-2015-6395
2015-12-12 11:59:00
prion
prion
Design/Logic Flaw
2015-12-12 11:59:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
54.6%
Related for CVE-2015-6395