6.5
CVE-2015-6417
- EPSS 0.09%
- Published 12.12.2015 11:59:01
- Last modified 12.04.2025 10:46:40
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and earlier does not always use RBAC for backend database access, which allows remote authenticated users to read or write to database entries via (1) the GUI or (2) a crafted HTTP request, aka Bug ID CSCuv87025.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ Videoscape Distribution Suite Service Manager Version3.0.0
Cisco ≫ Videoscape Distribution Suite Service Manager Version3.1.0
Cisco ≫ Videoscape Distribution Suite Service Manager Version3.2.0
Cisco ≫ Videoscape Distribution Suite Service Manager Version3.3.0
Cisco ≫ Videoscape Distribution Suite Service Manager Version3.4.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.236 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|