Published: 13/10/2015 Updated: 09/12/2016

CVSS v2 Base Score: 6.8 | Impact Score: 6.9 | Exploitability Score: 8

VMScore: 605

Vector: AV:N/AC:L/Au:S/C:C/I:N/A:N

Subscribe to Prime Collaboration Assurance

A vulnerability in the web framework of Cisco Prime Collaboration Assurance (PCA) could allow an authenticated, remote malicious user to retrieve arbitrary files from the underlying file system. The vulnerability is due to incorrect implementation of the access control code. An attacker could exploit this vulnerability by submitting a crafted URL to the system. Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available. This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-pca

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco prime collaboration assurance 10.5.1

A vulnerability in the web framework of Cisco Prime Collaboration Assurance (PCA) could allow an authenticated, remote attacker to retrieve arbitrary files from the underlying file system The vulnerability is due to incorrect implementation of the access control code An attacker could exploit this vulnerability by submitting a crafted URL to the ...

CWE-200 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-pca http://www.securitytracker.com/id/1033784 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-pca

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-6328

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect