Sensitive Credential Disclosure in Cisco Hosted Collaboration Mediation Fulfillment
CVE-2015-6404

Currently unrated

Key Information:

Vendor
Cisco
Status
Hosted Collaboration Solution
Vendor
CVE Published:
15 December 2015

Summary

Cisco Hosted Collaboration Mediation Fulfillment version 10.6(3) has a vulnerability that permits remote authenticated users to exploit a lack of Role-Based Access Control (RBAC). This oversight allows them to access sensitive credential information through SOAP API requests. The vulnerability is identified as Bug ID CSCuw84374 and highlights the importance of implementing proper access controls to protect sensitive data within the system.

References

http://www.securityfocus.com/bid/78874
vdb-entryx_refsource_BID
http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.