// For flags

CVE-2015-6395

 

Severity Score

6.5
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Cisco Prime Service Catalog 10.0, 10.0(R2), 10.1, and 11.0 does not properly restrict access to web pages, which allows remote attackers to modify the configuration via a direct request, aka Bug ID CSCuw48188.

Cisco Prime Service Catalog 10.0, 10.0(R2), 10.1 y 11.0 no restringe adecuadamente el acceso a páginas web, lo que permite a atacantes remotos modificar la configuración a través de una petición directa, también conocido como Bug ID CSCuw48188.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2015-08-17 CVE Reserved
  • 2015-12-12 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Prime Service Catalog
Search vendor "Cisco" for product "Prime Service Catalog"
10.0\(r2\)_base
Search vendor "Cisco" for product "Prime Service Catalog" and version "10.0\(r2\)_base"
-
Affected
Cisco
Search vendor "Cisco"
Prime Service Catalog
Search vendor "Cisco" for product "Prime Service Catalog"
10.0_base
Search vendor "Cisco" for product "Prime Service Catalog" and version "10.0_base"
-
Affected
Cisco
Search vendor "Cisco"
Prime Service Catalog
Search vendor "Cisco" for product "Prime Service Catalog"
10.1_base
Search vendor "Cisco" for product "Prime Service Catalog" and version "10.1_base"
-
Affected
Cisco
Search vendor "Cisco"
Prime Service Catalog
Search vendor "Cisco" for product "Prime Service Catalog"
11.0_base
Search vendor "Cisco" for product "Prime Service Catalog" and version "11.0_base"
-
Affected