CVE-2015-6328Sensitive Information Exposure in Cisco Prime Collaboration Assurance

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
6.8MEDIUMNVD
EPSS
0.2%
top 61.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Prime Collaboration Assurance
Timeline
PublishedOct 13
Latest updateMay 17

Description

The web framework in Cisco Prime Collaboration Assurance (PCA) 10.5(1) allows remote authenticated users to bypass intended access restrictions and read arbitrary files via a crafted URL, aka Bug ID CSCus88380.

CVSS vector

AV:N/AC:L/C:C/I:N/A:NExploitability: 8.0 | Impact: 6.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-c3pc-qcfg-gxh2: The web framework in Cisco Prime Collaboration Assurance (PCA) 102022-05-17
CVEList
CVE-2015-6328: The web framework in Cisco Prime Collaboration Assurance (PCA) 102015-10-13

📋Vendor Advisories

1
Cisco
Cisco Prime Collaboration Assurance Arbitrary File Retrieval Vulnerability2015-10-08
CVE-2015-6328 — Sensitive Information Exposure in Cisco | cvebase