9 matches found
EUVD-2017-15690
Malware in sbrugna...
CVE-2020-3184
A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates...
CVE-2020-3192
A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of...
CVE-2018-0336
A vulnerability in the batch provisioning feature of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to escalate privileges to the Administrator level. The vulnerability is due to insufficient authorization enforcement on batch processing. An attacker could...
CVE-2018-0320
A vulnerability in the web framework code of Cisco Prime Collaboration Provisioning PCP could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation on user-supplied input in SQL queries. An attacker could exploit this...
CVE-2018-0318
A vulnerability in the password reset function of Cisco Prime Collaboration Provisioning PCP could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of a password reset request. An attacker could exploi...
CVE-2018-0141
A vulnerability in Cisco Prime Collaboration Provisioning PCP Software 11.6 could allow an unauthenticated, local attacker to log in to the underlying Linux operating system. The vulnerability is due to a hard-coded account password on the system. An attacker could exploit this vulnerability by...
CVE-2018-0205
A vulnerability in the User Provisioning tab in the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by...
CVE-2016-1416
Cisco Prime Collaboration Provisioning 10.6 SP2 aka 10.6.0.10602 mishandles LDAP authentication, which allows remote attackers to obtain administrator privileges via a crafted login attempt, aka Bug ID CSCuv37513...