CVE-2015-4304

Currently unrated

Key Information:

Vendor: Cisco
Status: Prime Collaboration Assurance
Vendor: CVE Published:; 20 September 2015

Summary

The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended access restrictions, and create administrative accounts or read data from arbitrary tenant domains, via a crafted URL, aka Bug IDs CSCus62671 and CSCus62652.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1033581

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Sep 20, 2015
Vulnerability Reserved
Jun 4, 2015