Lucene search
CiscoCISCO-SA-20170621-PCP1HistoryJun 21, 2017 - 4:00 p.m.
Cisco Prime Collaboration Provisioning Tool Session Hijacking Vulnerability
2017-06-2116:00:00
tools.cisco.com
12
EPSS
0.002
Percentile
56.2%
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user’s session.
The vulnerability is due to insufficient session management during user authentication. An attacker could exploit this vulnerability by performing a session fixation attack against the web application.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp1 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp1”]
Affected configurations
Node
ciscoprime_collaboration_provisioningMatchany
ORciscoprime_collaboration_provisioningMatchany
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | prime_collaboration_provisioning | any | cpe:2.3:a:cisco:prime_collaboration_provisioning:any:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2017-6703
2017-07-04 00:29:00
cvelist
cvelist
CVE-2017-6703
2017-07-04 00:00:00
cve
cve
CVE-2017-6703
2017-07-04 00:29:00
prion
prion
Design/Logic Flaw
2017-07-04 00:29:00