6 matches found
CVE-2018-0204
CVE-2018-0204 affects the Cisco Prime Collaboration Provisioning Tool web portal. The root cause is weak login controls, enabling an unauthenticated, remote attacker to perform brute-force login attempts that can restrict user access and cause a DoS condition for individual users. The impact is r...
CVE-2018-0205
A vulnerability in the User Provisioning tab in the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by...
Cisco Prime Collaboration Provisioning Tool User Provisioning Tab Cross-Site Scripting Vulnerability
A vulnerability in the User Provisioning tab in the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by...
Cisco Prime Collaboration Provisioning Tool System File Overwrite Vulnerability
A vulnerability in the batch provisioning feature in Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to overwrite system files as root. The vulnerability is due to lack of input validation of the parameters in BatchFileName and Directory. An attacker coul...
CVE-2017-6756
A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool through 12.2 could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of defense against cross-site request forgery CSRF attacks. An attacker could...
CVE-2017-6759
CVE-2017-6759 affects Cisco Prime Collaboration Provisioning Tool (PCPT) 12.1 UpgradeManager. The flaw stems from insufficient input validation in the upgrade package installation functionality, allowing an authenticated, remote attacker to write arbitrary files as root on the system. Documents c...