Lucene search
CiscoCISCO-SA-20170802-PCPT1HistoryAug 02, 2017 - 4:00 p.m.
Cisco Prime Collaboration Provisioning Tool Pervasive Cross-Site Request Forgery Vulnerability
2017-08-0216:00:00
tools.cisco.com
17
0.002 Low
EPSS
Percentile
55.4%
A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to execute unwanted actions.
The vulnerability is due to a lack of defense against cross-site request forgery (CSRF) attacks. An attacker could exploit this vulnerability by forcing the userβs browser to perform any action authorized for that user.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-pcpt1 [βhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-pcpt1β]
Affected configurations
Node
ciscoprime_collaboration_provisioningMatchany
ORciscoprime_collaboration_provisioningMatchany
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco prime collaboration provisioning | eq | any | |
| cisco prime collaboration provisioning | eq | any |
Related
nvd
nvd
CVE-2017-6756
2017-08-07 06:29:00
prion
prion
Cross site request forgery (csrf)
2017-08-07 06:29:00
cve
cve
CVE-2017-6756
2017-08-07 06:29:00
cvelist
cvelist
CVE-2017-6756
2017-08-07 06:00:00