CVE-2015-6395

EPSS 0.36%
Veröffentlicht 12.12.2015 11:59:00
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

Cisco Prime Service Catalog 10.0, 10.0(R2), 10.1, and 11.0 does not properly restrict access to web pages, which allows remote attackers to modify the configuration via a direct request, aka Bug ID CSCuw48188.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Prime Service Catalog Version10.0_base

Cisco ≫ Prime Service Catalog Version10.1_base

Cisco ≫ Prime Service Catalog Version11.0_base

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.36%	0.574

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	8	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151207-psc

Vendor Advisory

http://www.securitytracker.com/id/1034313

https://nvd.nist.gov/vuln/detail/CVE-2015-6395

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-6395

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-6395

EUVD