Lucene search
K

6 matches found

CVE
CVE
added 2018/02/22 12:0 a.m.68 views

CVE-2018-0204

CVE-2018-0204 affects the Cisco Prime Collaboration Provisioning Tool web portal. The root cause is weak login controls, enabling an unauthenticated, remote attacker to perform brute-force login attempts that can restrict user access and cause a DoS condition for individual users. The impact is r...

7.5CVSS7.5AI score0.02404EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2018/02/22 12:0 a.m.8 views

CVE-2018-0205

A vulnerability in the User Provisioning tab in the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by...

5.9AI score0.01244EPSS
Exploits0References3
Cisco
Cisco
added 2018/02/21 4:0 p.m.63 views

Cisco Prime Collaboration Provisioning Tool User Provisioning Tab Cross-Site Scripting Vulnerability

A vulnerability in the User Provisioning tab in the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by...

4.7CVSS1.3AI score0.01244EPSS
Exploits0References1
Cisco
Cisco
added 2017/09/06 4:0 p.m.29 views

Cisco Prime Collaboration Provisioning Tool System File Overwrite Vulnerability

A vulnerability in the batch provisioning feature in Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to overwrite system files as root. The vulnerability is due to lack of input validation of the parameters in BatchFileName and Directory. An attacker coul...

6.5CVSS6.5AI score0.01921EPSS
Exploits0References1
NVD
NVD
added 2017/08/07 6:29 a.m.14 views

CVE-2017-6756

A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool through 12.2 could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of defense against cross-site request forgery CSRF attacks. An attacker could...

8.8CVSS8.9AI score0.00831EPSS
Exploits0References3
CVE
CVE
added 2017/08/07 6:0 a.m.50 views

CVE-2017-6759

CVE-2017-6759 affects Cisco Prime Collaboration Provisioning Tool (PCPT) 12.1 UpgradeManager. The flaw stems from insufficient input validation in the upgrade package installation functionality, allowing an authenticated, remote attacker to write arbitrary files as root on the system. Documents c...

6.8CVSS6.5AI score0.01543EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder