Boletines de Vulnerabilidades

Cisco Prime Collaboration Assurance Information Disclosure Vulnerability

Información sobre el sistema
   
Software afectado Cisco

Descripción
A vulnerability in the web framework of Cisco Prime CollaborationAssurance could allow an authenticated, remote attacker to accessinformation about any device imported into the system database.Thevulnerability is due to improper implementation of authorization andaccess controls. An attacker could exploit this vulnerability by sendingcrafted URLs to the system. The attacker would need to be logged in tothe system to exploit this vulnerability. An exploit couldallow the attacker to access

More info:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20150916-CVE-2015-4305?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Collaboration%20Assurance%20Information%20Disclosure

Identificadores estándar
Propiedad Valor
CVE

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2015-10-08

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT