CVE-2015-0768

The Device Work Center (DWC) component in Cisco Prime Network Control System (NCS) 2.1(0.0.85), 2.2(0.0.58), and 2.2(0.0.69) does not properly implement AAA roles, which allows remote authenticated users to bypass intended access restrictions and execute commands via a login session, aka Bug ID CSCur27371.

Severity	MEDIUM
CVSS	6.5
EPSS	0.15% EPSS low
CWE	CWE-264
KEV
Published	10 years ago
Modified	2 weeks ago

Public Affected Products

Product	Advisory	Evidence
Cisco Prime Network Control System	Cisco-SA-20150609-CVE-2015-0768	Cisco CSAF · structured affected