25 matches found
EUVD-2019-16769
Malware in sbrugna...
ABB PB610 Panel Builder 600 Use of Hard-Coded Credentials (CVE-2019-7225)
The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool Panel Builder 600 to flash a new interface and Tags MODBUS coils mapping to the HMI. These credentials are the idal123...
CVE-2019-7225
The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool "Panel Builder 600" to flash a new interface and Tags MODBUS coils mapping to the HMI. These credentials are the idal123...
Cisco Prime Collaboration Provisioning Tool Cross-Site Scripting Vulnerability (CNVD-2018-05347)
The Cisco Prime Collaboration Provisioning Tool is a set of Web-based, next-generation communications services tools from Cisco. The tool provides IP communication service capabilities for IP telephony, voice mail, and unified communications environments.The User Provisioning tab is one of the us...
Cisco Prime Collaboration Provisioning Tool Denial of Service Vulnerability
Cisco Prime Collaboration Provisioning Tool is a set of Web-based next-generation communication service tools from Cisco. The tool provides IP communication service features for IP telephony, voicemail and unified communications environments. web portal is one of the web portal. A denial of servi...
CVE-2018-0204
A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to create a denial of service DoS condition for individual users. The vulnerability is due to weak login controls. An attacker could exploit this vulnerability by...
CVE-2018-0204
CVE-2018-0204 affects the Cisco Prime Collaboration Provisioning Tool web portal. The root cause is weak login controls, enabling an unauthenticated, remote attacker to perform brute-force login attempts that can restrict user access and cause a DoS condition for individual users. The impact is r...
CVE-2018-0205
The CVE-2018-0205 issue affects Cisco Prime Collaboration Provisioning Tool, specifically the User Provisioning tab. It arises from improper input validation, allowing an unauthenticated, remote attacker to inject crafted data into the provisioning database and trigger a cross-site scripting (XSS...
CVE-2018-0205
A vulnerability in the User Provisioning tab in the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by...
Cisco Prime Collaboration Provisioning Tool User Provisioning Tab Cross-Site Scripting Vulnerability
A vulnerability in the User Provisioning tab in the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by...
Cisco Prime Collaboration Provisioning Tool Information Disclosure Vulnerability
Cisco Prime Collaboration Provisioning Tool is a set of Web-based, next-generation communications services tools from Cisco. The tool provides IP communication services capabilities for IP telephony, voice mail and unified communications environments. An information disclosure vulnerability exist...
Cisco Prime Collaboration Provisioning Tool System File Overwrite Vulnerability
A vulnerability in the batch provisioning feature in Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to overwrite system files as root. The vulnerability is due to lack of input validation of the parameters in BatchFileName and Directory. An attacker coul...
Cisco Prime Collaboration Provisioning Tool Arbitrary File Write Vulnerability
Cisco Prime Collaboration Provisioning Tool is a set of Web-based, next-generation communications services tools from Cisco. The tool provides IP communication services capabilities for IP telephony, voice mail, and unified communications environments. upgradeManager is one of the upgrade manager...
CVE-2017-6759
A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool 12.1 could allow an authenticated, remote attacker to write arbitrary files as root on the system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by...
CVE-2017-6756
A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool through 12.2 could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of defense against cross-site request forgery CSRF attacks. An attacker could...
Input validation
A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool 12.1 could allow an authenticated, remote attacker to write arbitrary files as root on the system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by...
CVE-2017-6756
A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool through 12.2 could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of defense against cross-site request forgery CSRF attacks. An attacker could...
CVE-2017-6759
CVE-2017-6759 affects Cisco Prime Collaboration Provisioning Tool (PCPT) 12.1 UpgradeManager. The flaw stems from insufficient input validation in the upgrade package installation functionality, allowing an authenticated, remote attacker to write arbitrary files as root on the system. Documents c...
Cisco Prime Collaboration Provisioning Tool Cross-Site Request Forgery Vulnerability
Cisco Prime Collaboration is a comprehensive video and voice service assurance and management system. A cross-site request forgery vulnerability exists in the Cisco Prime Collaboration Provisioning tool. This allows remote attackers to hijack the authentication of arbitrary user identities...
Cisco Prime Collaboration Provisioning Tool UpgradeManager File Write Vulnerability
A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to write arbitrary files as root on the system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by...