CVE-2015-4305

The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended system-database read restrictions, and discover credentials or SNMP communities for arbitrary tenant domains, via a crafted URL, aka Bug ID CSCus62656.

Data: Cisco advisories 1 day ago · Cisco CSAF 4 hours ago · NVD CVEs 7 hours ago · NVD CPEs 1 day ago · CISA KEV 1 day ago · EPSS 1 day ago

Severity	MEDIUM
CVSS	4.0
EPSS	0.17% EPSS low
CWE	CWE-264
KEV
Published	10 years ago
Modified	2 weeks ago

Products with public affected evidence

Product	Advisory	Affected evidence
Cisco Prime Collaboration Assurance	cisco-sa-20150916-pca	structured affected CSAF product_status
Cisco Prime Collaboration Assurance	Cisco-SA-20150916-CVE-2015-4305	structured affected CSAF product_status