CVE-2015-6404
Cisco Hosted Collaboration Mediation Fulfillment 10.6(3) - Sensitive Credential Exposure via SOAP API
Title source: llmDescription
Cisco Hosted Collaboration Mediation Fulfillment 10.6(3) does not use RBAC, which allows remote authenticated users to obtain sensitive credential information by leveraging admin access and making SOAP API requests, aka Bug ID CSCuw84374.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/78874
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-hcm
Scores
EPSS
0.0095
EPSS Percentile
57.1%
Details
CWE
CWE-200
Status
published
Products (1)
cisco/hosted_collaboration_solution
10.6\(3\)_base
Published
Dec 15, 2015
Tracked Since
Feb 18, 2026