CVE-2015-6355: Infoleak
First published: Wed Nov 04 2015(Updated: )
The web interface in Cisco Unified Computing System (UCS) 2.2(5b)A on blade servers allows remote attackers to obtain potentially sensitive version information by visiting an unspecified URL, aka Bug ID CSCuw87226.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified Computing System software | =2.2\(5b\)a |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-6355?
CVE-2015-6355 has a medium severity rating as it allows remote attackers to access sensitive version information.
How do I fix CVE-2015-6355?
To mitigate CVE-2015-6355, it is recommended to upgrade to a patched version of Cisco Unified Computing System software.
What types of attacks can exploit CVE-2015-6355?
CVE-2015-6355 can be exploited through sending requests to an unspecified URL that reveals sensitive version information.
Which Cisco products are affected by CVE-2015-6355?
CVE-2015-6355 specifically affects the Cisco Unified Computing System software version 2.2(5b)A on blade servers.
When was CVE-2015-6355 publicly disclosed?
CVE-2015-6355 was publicly disclosed on November 2, 2015, as part of a Cisco security advisory.
- agent/references
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/event
- agent/type
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco unified computing system software
- version/cisco unified computing system software/2.2\(5b\)a