CVE-2015-6417

Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and earlier does not always use RBAC for backend database access, which allows remote authenticated users to read or write to database entries via (1) the GUI or (2) a crafted HTTP request, aka Bug ID CSCuv87025.

Severity	MEDIUM
CVSS	6.5
CWE	CWE-264
KEV
Published	10 years ago
Modified	1 week ago

Related Products

Product	Advisory
Cisco RV Series Routers	cisco-sa-20151210-vdssm
Cisco Nexus Dashboard	cisco-sa-20151210-vdssm
Cisco Application Centric Infrastructure Virtual Edge	cisco-sa-20151210-vdssm
Cisco Videoscape Distribution Suite Service Manager	cisco-sa-20151210-vdssm