MEDIUM✓ PATCH🇬🇧 English

CVE-2015-6404

CVSS 4.0v2.0pub. 2015-12-15upd. 2026-05-06

Cisco Hosted Collaboration Mediation Fulfillment 10.6(3) does not use RBAC, which allows remote authenticated users to obtain sensitive credential information by leveraging admin access and making SOAP API requests, aka Bug ID CSCuw84374.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:S/C:P/I:N/A:N
  • Cisco Hosted Collaboration Solution

    APP
    Cisco
    10.6\(3\)_base
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2017-12337CRITICAL9.8ten sam produkt

A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating Sy...

CVE-2017-9805HIGH8.1⚠ KEVten sam produkt

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHand...

CVE-2019-15968MEDIUM5.4ten sam produkt

A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager (Unified ...

CVE-2019-1911MEDIUM5.3ten sam produkt

A vulnerability in the CLI of Cisco Unified Communications Domain Manager (Cisco Unified CDM) Software could a...

CVE-2018-0386MEDIUM6.1ten sam produkt

A vulnerability in Cisco Unified Communications Domain Manager Software could allow an unauthenticated, remote...