Cisco Connected Grid Network Management System Privilege Escalation Vulnerability
|
Información sobre el sistema
|
|
|
Software afectado |
Cisco |
Descripción
|
A vulnerability in the web GUI of Cisco Connected Grid Network Management System could allow an authenticated, remote attacker to perform limited configuration changes while logged in as a user having the Monitor-Only role.The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by accessing the related configuration pages on the web interface and submitting the changes. An exploit could allow the attacker to make unauthorized modifications
More info:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151109-cg-nms?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Connected%20Grid%20Network%20Management%20System%20Privilege%20Esca |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2015-6362. |