Unrated severityNVD Advisory· Published Dec 12, 2015· Updated May 6, 2026

CVE-2015-6395

Description

Cisco Prime Service Catalog 10.0, 10.0(R2), 10.1, and 11.0 does not properly restrict access to web pages, which allows remote attackers to modify the configuration via a direct request, aka Bug ID CSCuw48188.

Affected products

Cisco Systems, Inc./Prime Service Catalog4 versions
cpe:2.3:a:cisco:prime_service_catalog:10.0_base:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:cisco:prime_service_catalog:10.0_base:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:prime_service_catalog:10.0\(r2\)_base:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:prime_service_catalog:10.1_base:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:prime_service_catalog:11.0_base:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151207-pscnvdVendor Advisory
www.securitytracker.com/id/1034313nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000