Bypassing System-Database Read Restrictions in Cisco Prime Collaboration Assurance

CVE-2015-4305 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended system-database read restrictions, and discover credentials or SNMP communities for arbitrary tenant domains, via a crafted URL, aka Bug ID CSCus62656.

Learn more about our Cis Benchmark Audit For Cisco.