Vulnslist

Cisco product, release, and evidence lookup

CVE-2015-6404

Cisco Hosted Collaboration Mediation Fulfillment 10.6(3) does not use RBAC, which allows remote authenticated users to obtain sensitive credential information by leveraging admin access and making SOAP API requests, aka Bug ID CSCuw84374.

SeverityMEDIUM
CVSS4.0
EPSS0.18% EPSS low
CWECWE-200
KEV
Published
Modified

Public Affected Products

Product Advisory Evidence
Cisco Hosted Collaboration Solution cisco-sa-20151210-hcm Cisco CSAF ยท structured affected