CVE-2015-4190 - Cisco Cloud Portal in Cisco Prime Service Catalog 9.4.1_vortex on Cloud Portal appliances allows man

CVE-2015-4190

Summary

Cisco Cloud Portal in Cisco Prime Service Catalog 9.4.1_vortex on Cloud Portal appliances allows man-in-the-middle attackers to modify data via unspecified vectors, aka Bug ID CSCuh19683. <a href="https://cwe.mitre.org/data/definitions/701.html">Weaknesses Introduced During Design</a>

References

http://tools.cisco.com/security/center/viewAlert.x?alertId=39380
http://www.securityfocus.com/bid/75271
http://www.securitytracker.com/id/1032593
http://www.securitytracker.com/id/1032594

Vulnerable Configurations

cpe:2.3:a:cisco:prime_service_catalog:9.4.1_vortex:*:*:*:*:*:*:*
cpe:2.3:a:cisco:prime_service_catalog:9.4.1_vortex:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 07-12-2016 - 18:12)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:P/A:N

refmap via4

bid	75271
cisco	20150616 Cisco Cloud Portal Appliance Pregenerated Default Host Keys Vulnerability
sectrack	1032593 1032594

Last major update

07-12-2016 - 18:12

Published

17-06-2015 - 10:59

Last modified

07-12-2016 - 18:12