CVE Daily

CVE-2015-6395

Cisco Prime Service Catalog 10.0, 10.0(R2), 10.1, and 11.0 does not properly res...

Medium CVSS 6.5

Overview

Cisco Prime Service Catalog 10.0, 10.0(R2), 10.1, and 11.0 does not properly restrict access to web pages, which allows remote attackers to modify the configuration via a direct request, aka Bug ID CSCuw48188.

CWE: CWE-264 Published: 2015-12-12T11:59:00.120
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 6.5 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags