Bypassing Access Restrictions and Arbitrary Account Creation in Cisco Prime Collaboration Assurance
CVE-2015-4304 · HIGH Severity
AV:N/AC:L/AU:S/C:C/I:C/A:C
The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended access restrictions, and create administrative accounts or read data from arbitrary tenant domains, via a crafted URL, aka Bug IDs CSCus62671 and CSCus62652.
Learn more about our Cis Benchmark Audit For Cisco.