CVE-2015-6362

CVE Database · CVE-2015-6362

CVE-2015-6362

· N/AModified

CVSS v3.1

N/A

EPSS

1.38%

Published

Nov 10, 2015

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The web GUI in Cisco Connected Grid Network Management System (CG-NMS) 3.0(0.35) and 3.0(0.54) allows remote authenticated users to bypass intended access restrictions and modify the configuration by leveraging the Monitor-Only role, aka Bug ID CSCuw42640.

Weaknesses (CWE)

CWE-264

Affected Products (2)

cisco · connected_grid_network_management_systemvulnerable

References (4)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151109-cg-nms

Vendor Advisory

http://www.securitytracker.com/id/1034106

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151109-cg-nms

Vendor Advisory

http://www.securitytracker.com/id/1034106

KEV Catalog EPSS Scores Vendors All CVEs