← Back

CVE-2015-6389

nvd nist
Published: Dec 13, 2015Modified: May 6, 2026

JSON object

Loading...
9.0
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:C
Exploitability: 10.0 / Impact: 8.5
Source: NVD

Description

Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote attackers to obtain access by establishing an SSH session and leveraging knowledge of this account's password, aka Bug ID CSCus62707.

Affected (2)

Cisco
1 product
Prime Collaboration Assurance
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Prime Collaboration Assurance
Version 10.5.1
Prime Collaboration Assurance
Version 10.6.0

Related CWEs

CWE-287
Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (6)

Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.