Vulnslist

Cisco product, release, and evidence lookup

CVE-2015-4304

The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended access restrictions, and create administrative accounts or read data from arbitrary tenant domains, via a crafted URL, aka Bug IDs CSCus62671 and CSCus62652.

Data: Cisco advisories · Cisco CSAF · NVD CVEs · NVD CPEs · CISA KEV · EPSS

SeverityHIGH
CVSS9.0
EPSS0.36% EPSS medium
CWECWE-264
KEV
Published
Modified

Products with public affected evidence

Product Advisory Affected evidence
Cisco Prime Collaboration Assurance cisco-sa-20150916-pca structured affected CSAF product_status