Lucene search
K

81 matches found

VulnCheck KEV
VulnCheck KEV
added 2022/01/12 12:0 a.m.3 views

VulnCheck KEV: CVE-2013-6720

Directory traversal vulnerability in download.php in the Passive Capture Application PCA web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to bypass intended access restrictions via a .. dot dot in the log parameter, as...

5.5CVSS7.3AI score0.28583EPSS
Exploits5References1
Openbugbounty
Openbugbounty
added 2020/10/04 5:10 a.m.9 views

pca-services.fr Cross Site Scripting vulnerability OBB-1380412

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

0.7AI score
Exploits0
CVE
CVE
added 2019/05/03 4:40 p.m.61 views

CVE-2019-1856

Cisco Prime Collaboration Assurance (PCA) web-based management interface vulnerability (CVE-2019-1856) allows unauthenticated remote attackers to perform cross-site scripting (XSS) by abusing insufficient validation of data from external devices. A successful exploit could execute arbitrary scrip...

6.1CVSS6.2AI score0.01067EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/03/25 7:29 p.m.17 views

CVE-2015-1012

Wireless keys are stored in plain text on version 5 of the Hospira LifeCare PCA Infusion System. According to Hospira, version 3 of the LifeCare PCA Infusion System is not indicated for wireless use, is not shipped with wireless capabilities, and should not be modified to be used in a wireless...

7.5CVSS7.5AI score0.00771EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/03/25 6:20 p.m.19 views

CVE-2015-1012

Wireless keys are stored in plain text on version 5 of the Hospira LifeCare PCA Infusion System. According to Hospira, version 3 of the LifeCare PCA Infusion System is not indicated for wireless use, is not shipped with wireless capabilities, and should not be modified to be used in a wireless...

7.5AI score0.00771EPSS
Exploits0References1
CVE
CVE
added 2019/03/25 6:20 p.m.44 views

CVE-2015-1012

The CVE-2015-1012 entry concerns the Hospira LifeCare PCA Infusion System. Vulnerabilities include cleartext storage of wireless network keys and hardcoded credentials, with multiple related issues (e.g., improper authorization, insufficient verification of data authenticity) that could enable un...

7.5CVSS7.5AI score0.00771EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/02/21 5:29 p.m.14 views

Authentication flaw

A vulnerability in the Quality of Voice Reporting QOVR service of Cisco Prime Collaboration Assurance PCA Software could allow an unauthenticated, remote attacker to access the system as a valid user. The vulnerability is due to insufficient authentication controls. An attacker could exploit this...

6.4CVSS9.1AI score0.01781EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/02/21 5:29 p.m.27 views

CVE-2019-1662

A vulnerability in the Quality of Voice Reporting QOVR service of Cisco Prime Collaboration Assurance PCA Software could allow an unauthenticated, remote attacker to access the system as a valid user. The vulnerability is due to insufficient authentication controls. An attacker could exploit this...

9.1CVSS8.6AI score0.01781EPSS
Exploits0References2
CVE
CVE
added 2019/02/21 5:0 p.m.56 views

CVE-2019-1662

CVE-2019-1662 concerns Cisco Prime Collaboration Assurance (PCA) software, specifically the Quality of Voice Reporting (QOVR) service. Affected releases are PCA before 12.1 SP2. The vulnerability stems from insufficient authentication controls, allowing an unauthenticated, remote attacker to conn...

9.1CVSS8.5AI score0.01781EPSS
Exploits0References2Affected Software1
Microsoft KB
Microsoft KB
added 2018/09/11 7:0 a.m.96 views

September 11, 2018—KB4457128 (OS Build 17134.285)

September 11, 2018—KB4457128 OS Build 17134.285 Note This release also contains updates for Microsoft HoloLens OS Build 17134.285 released September 11, 2018. Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Ke...

10CVSS8.3AI score0.74041EPSS
Exploits25
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/23 3:45 a.m.45 views

Security Bulletin: Multiple Security Issues in IBM Tealeaf Customer Experience PCA

Summary Multiple vulnerabilities in Apache HTTPD can cause denial of service and allow a remote attacker to bypass security restrictions and obtain sensitive information in IBM Tealeaf Customer Experience PCA. A Vulnerability in the Memcached library used by the IBM Tealeaf Customer Experience PC...

9.8CVSS1.1AI score0.94999EPSS
Exploits14Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 8:10 p.m.37 views

Security Bulletin: Multiple Security Issues in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On

Summary BlueZ is vulnerable to a denial of service, caused by a buffer over-read issue. By using a specially-crafted dump file, an attacker could exploit this vulnerability to cause the application to crash. IBM Tealeaf contains hard-coded credentials. A remote attacker could exploit this...

9.8CVSS1.3AI score0.13314EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 8:8 p.m.25 views

Security Bulletin: Vulnerability in the OpenSSL library affects IBM Tealeaf Customer Experience PCA (CVE-2017-3730).

Summary A Vulnerability in the OpenSSL library used by the IBM Tealeaf Customer Experience PCA could permit a denial of service attack. Vulnerability Details CVEID: CVE-2017-3730 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. By sending specially...

7.5CVSS0.9AI score0.55294EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 8:3 p.m.54 views

Security Bulletin: Multiple vulnerabilities in PHP and memcached libraries affect IBM Tealeaf Customer Experience

Summary The IBM Tealeaf Customer Experience PCA component uses versions of PHP and memcached with reported security issues. Vulnerability Details CVEID: CVE-2013-0179 DESCRIPTION: memcached is vulnerable to a denial of service, caused by an error in the processbindelete function within memcached....

10CVSS8.5AI score0.10997EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 7:37 p.m.31 views

Security Bulletin: IBM Tealeaf Customer Experience is affected by a vulnerability in the Apache HTTP server, caused by an error in the mod_log_config module (CVE-2014-0098)

Summary Apache HTTP Server is vulnerable to a denial of service, caused by an error in the modlogconfig module. Vulnerability Details CVE-ID: CVE-2014-0098 DESCRIPTION: IBM Tealeaf Customer Experience’s PCA uses the Apache HTTP server to render its web console. Apache HTTP server is vulnerable to...

5CVSS0.7AI score0.25999EPSS
Exploits2Affected Software1
Openbugbounty
Openbugbounty
added 2018/01/27 10:10 p.m.16 views

pca-one.com XSS vulnerability

Open Bug Bounty ID: OBB-548404 Description| Value ---|--- Affected Website:| pca-one.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/05/09 12:0 a.m.16 views

Cisco Prime Collaboration Assurance 10.5.x / 10.6.x / 11.0.x / 11.1.x < 11.1.66527 Open Redirect (cisco-sa-20160503-pca)

According to its self-reported version number, the remote Cisco Prime Collaboration Assurance device is 10.5.x, 10.6.x, 11.0.x, or 11.1.x prior to 11.1.66527. It is, therefore, affected by an open redirect vulnerability in the web interface component due to improper sanitization of user-supplied...

7.4CVSS7.4AI score0.01002EPSS
Exploits0References2
Prion
Prion
added 2016/01/22 11:59 a.m.12 views

Stack overflow

Stack-based buffer overflow in Hospira Communication Engine CE before 1.2 in LifeCare PCA Infusion System 5.07, Plum A+ Infusion System 13.40, and Plum A+3 Infusion System 13.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via traffic on TCP port...

7.5CVSS8.6AI score0.01112EPSS
Exploits0References1Affected Software2
ATTACKERKB
ATTACKERKB
added 2016/01/22 11:59 a.m.2 views

CVE-2015-7909

Stack-based buffer overflow in Hospira Communication Engine CE before 1.2 in LifeCare PCA Infusion System 5.07, Plum A+ Infusion System 13.40, and Plum A+3 Infusion System 13.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via traffic on TCP port...

7.5CVSS6.2AI score0.01112EPSS
Exploits0References2
CVE
CVE
added 2016/01/22 11:0 a.m.45 views

CVE-2015-7909

Hospira LifeCare PCA Infusion System (v5.07) and Plum A+/A+3 Infusion Systems (CE prior to v1.2) are affected by a stack-based buffer overflow in the Hospira Communication Engine (CE) exposed on TCP port 5000. The vulnerability enables a remote attacker to cause a denial of service (and potential...

7.5CVSS8AI score0.01112EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder