CVE-2015-6362

Name of the Vulnerable Software and Affected Versions Cisco Connected Grid Network Management System (CG-NMS) versions 3.0(0.35) through 3.0(0.54)

Description The issue allows remote authenticated users to bypass intended access restrictions and modify the configuration by leveraging the Monitor-Only role.

Recommendations For versions 3.0(0.35) through 3.0(0.54), consider restricting the Monitor-Only role to prevent unauthorized configuration modifications until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.