CVE-2015-6389 — Vulnetix

CVE-2015-6389 PUBLISHED CVSS 9 CRITICAL

Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote attackers to obtain access by establishing an SSH session and leveraging knowledge of this account's password, aka Bug ID CSCus62707.

EPSS 0.55% · 68.5th percentile

Risk Scores

CVSS 2.0

EPSS Score

0.55%

68.5th percentile

Affected Products

Vendor	Product	Versions
cisco	prime_collaboration_assurance	10.5.1, 10.6.0
n/a	n/a	*

Exploit Intelligence

78738 (circl)
1034361 (circl)
20151209 Cisco Prime Collaboration Assurance Default Account Credential Vulnerability (circl)

Timeline

Dec 9, 2015 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 2, 2023 EPSS Score
May 25, 2023 EPSS Score

References

78738 vdb
1034361 vdb
20151209 Cisco Prime Collaboration Assurance Default Account Credential Vulnerability vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2015-6389 advisory

Open in Interactive Console →