Lucene search
CiscoCISCO-SA-20170802-PCPTHistoryAug 02, 2017 - 4:00 p.m.
Cisco Prime Collaboration Provisioning Tool UpgradeManager File Write Vulnerability
2017-08-0216:00:00
tools.cisco.com
23
EPSS
0.001
Percentile
40.6%
A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to write arbitrary files as root on the system.
The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by triggering the upgrade package installation functionality.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-pcpt [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-pcpt”]
Affected configurations
Node
ciscoprime_collaboration_provisioningMatchany
ORciscoprime_collaboration_provisioningMatchany
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | prime_collaboration_provisioning | any | cpe:2.3:a:cisco:prime_collaboration_provisioning:any:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2017-6759
2017-08-07 06:29:00
prion
prion
Input validation
2017-08-07 06:29:00
cve
cve
CVE-2017-6759
2017-08-07 06:29:00
cvelist
cvelist
CVE-2017-6759
2017-08-07 06:00:00