Information Disclosure in Cisco Mobility Services Engine by Cisco
CVE-2015-4263

Currently unrated

Key Information:

Vendor: Cisco
Status: Mobility Services Engine
Vendor: CVE Published:; 10 July 2015

What is CVE-2015-4263?

The Control and Provisioning functionality in Cisco Mobility Services Engine (MSE) 10.0(0.1) is susceptible to an information disclosure vulnerability. Remote authenticated users may exploit this flaw to access sensitive information by reading log files, potentially leading to unauthorized access to confidential data. Administrators should assess their systems for this vulnerability and consider implementing recommended mitigations.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1032854

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 10, 2015
Vulnerability Reserved
Jun 4, 2015