CVE-2015-6328

Published: Oct 13, 2015Modified: May 6, 2026

6.8

Vector

AV:N/AC:L/Au:S/C:C/I:N/A:N

Exploitability: 8.0 / Impact: 6.9

Source: NVD

Description

The web framework in Cisco Prime Collaboration Assurance (PCA) 10.5(1) allows remote authenticated users to bypass intended access restrictions and read arbitrary files via a crafted URL, aka Bug ID CSCus88380.

Affected (1)

Products: Cisco: Prime Collaboration Assurance

Cisco

1 product

Prime Collaboration Assurance

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Prime Collaboration Assurance	Version 10.5.1

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-pca

Source: psirt@cisco.com

Vendor Advisory

http://www.securitytracker.com/id/1033784

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-pca

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id/1033784

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.