Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-20170517-PCP2
HistoryMay 17, 2017 - 4:00 p.m.

Cisco Prime Collaboration Provisioning Information Disclosure Vulnerability

2017-05-1716:00:00
tools.cisco.com
9

0.53 Medium

EPSS

Percentile

97.6%

JSON

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks.

The vulnerability is due to insufficient protection of sensitive data when responding to an HTTP request on the web interface. An attacker could exploit the vulnerability by sending a crafted HTTP request to the application to access specific system files. An exploit could allow the attacker to obtain sensitive information about the application which could include user credentials.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp2 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp2”]

Affected configurations

Vulners
Node
ciscoprime_collaboration_provisioningMatchany
OR
ciscoprime_collaboration_provisioningMatchany

Related

nvd 1
cve 1
checkpoint_advisories 1
cvelist 1
zdi 1
openvas 1
prion 1
nessus 1
nvd
nvd
CVE-2017-6621
2017-05-18 19:29:00
cve
cve
CVE-2017-6621
2017-05-18 19:29:00
checkpoint_advisories
checkpoint_advisories
Cisco Prime Collaboration Provisioning logconfigtracer.jsp Directory Traversal (CVE-2017-6621)
2017-08-08 00:00:00
cvelist
cvelist
CVE-2017-6621
2017-05-18 19:00:00
zdi
zdi
Cisco Prime Collaboration Provisioning logconfigtracer Directory Traversal Information Disclosure Vulnerability
2017-06-26 00:00:00
openvas
openvas
Cisco Prime Collaboration Provisioning Information Disclosure Vulnerability (May 2017)
2017-05-23 00:00:00
prion
prion
Design/Logic Flaw
2017-05-18 19:29:00
nessus
nessus
Cisco Prime Collaboration Provisioning < 12.1 Multiple Vulnerabilities (cisco-sa-20170517-pcp1 - cisco-sa-20170517-pcp3)
2017-05-22 00:00:00

0.53 Medium

EPSS

Percentile

97.6%

JSON
Related for CISCO-SA-20170517-PCP2
nvd1cve1checkpoint_advisories1cvelist1zdi1openvas1prion1nessus1