Описание
The web GUI in Cisco Connected Grid Network Management System (CG-NMS) 3.0(0.35) and 3.0(0.54) allows remote authenticated users to bypass intended access restrictions and modify the configuration by leveraging the Monitor-Only role, aka Bug ID CSCuw42640.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:connected_grid_network_management_system:3.0\(0.35\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:connected_grid_network_management_system:3.0\(0.54\):*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.00111
Низкий
4 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
The web GUI in Cisco Connected Grid Network Management System (CG-NMS) 3.0(0.35) and 3.0(0.54) allows remote authenticated users to bypass intended access restrictions and modify the configuration by leveraging the Monitor-Only role, aka Bug ID CSCuw42640.
EPSS
Процентиль: 30%
0.00111
Низкий
4 Medium
CVSS2
Дефекты
CWE-264