81 matches found
VulnCheck KEV: CVE-2013-6720
Directory traversal vulnerability in download.php in the Passive Capture Application PCA web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to bypass intended access restrictions via a .. dot dot in the log parameter, as...
pca-services.fr Cross Site Scripting vulnerability OBB-1380412
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
CVE-2019-1856
Cisco Prime Collaboration Assurance (PCA) web-based management interface vulnerability (CVE-2019-1856) allows unauthenticated remote attackers to perform cross-site scripting (XSS) by abusing insufficient validation of data from external devices. A successful exploit could execute arbitrary scrip...
CVE-2015-1012
Wireless keys are stored in plain text on version 5 of the Hospira LifeCare PCA Infusion System. According to Hospira, version 3 of the LifeCare PCA Infusion System is not indicated for wireless use, is not shipped with wireless capabilities, and should not be modified to be used in a wireless...
CVE-2015-1012
Wireless keys are stored in plain text on version 5 of the Hospira LifeCare PCA Infusion System. According to Hospira, version 3 of the LifeCare PCA Infusion System is not indicated for wireless use, is not shipped with wireless capabilities, and should not be modified to be used in a wireless...
CVE-2015-1012
The CVE-2015-1012 entry concerns the Hospira LifeCare PCA Infusion System. Vulnerabilities include cleartext storage of wireless network keys and hardcoded credentials, with multiple related issues (e.g., improper authorization, insufficient verification of data authenticity) that could enable un...
Authentication flaw
A vulnerability in the Quality of Voice Reporting QOVR service of Cisco Prime Collaboration Assurance PCA Software could allow an unauthenticated, remote attacker to access the system as a valid user. The vulnerability is due to insufficient authentication controls. An attacker could exploit this...
CVE-2019-1662
A vulnerability in the Quality of Voice Reporting QOVR service of Cisco Prime Collaboration Assurance PCA Software could allow an unauthenticated, remote attacker to access the system as a valid user. The vulnerability is due to insufficient authentication controls. An attacker could exploit this...
CVE-2019-1662
CVE-2019-1662 concerns Cisco Prime Collaboration Assurance (PCA) software, specifically the Quality of Voice Reporting (QOVR) service. Affected releases are PCA before 12.1 SP2. The vulnerability stems from insufficient authentication controls, allowing an unauthenticated, remote attacker to conn...
September 11, 2018—KB4457128 (OS Build 17134.285)
September 11, 2018—KB4457128 OS Build 17134.285 Note This release also contains updates for Microsoft HoloLens OS Build 17134.285 released September 11, 2018. Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Ke...
Security Bulletin: Multiple Security Issues in IBM Tealeaf Customer Experience PCA
Summary Multiple vulnerabilities in Apache HTTPD can cause denial of service and allow a remote attacker to bypass security restrictions and obtain sensitive information in IBM Tealeaf Customer Experience PCA. A Vulnerability in the Memcached library used by the IBM Tealeaf Customer Experience PC...
Security Bulletin: Multiple Security Issues in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On
Summary BlueZ is vulnerable to a denial of service, caused by a buffer over-read issue. By using a specially-crafted dump file, an attacker could exploit this vulnerability to cause the application to crash. IBM Tealeaf contains hard-coded credentials. A remote attacker could exploit this...
Security Bulletin: Vulnerability in the OpenSSL library affects IBM Tealeaf Customer Experience PCA (CVE-2017-3730).
Summary A Vulnerability in the OpenSSL library used by the IBM Tealeaf Customer Experience PCA could permit a denial of service attack. Vulnerability Details CVEID: CVE-2017-3730 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. By sending specially...
Security Bulletin: Multiple vulnerabilities in PHP and memcached libraries affect IBM Tealeaf Customer Experience
Summary The IBM Tealeaf Customer Experience PCA component uses versions of PHP and memcached with reported security issues. Vulnerability Details CVEID: CVE-2013-0179 DESCRIPTION: memcached is vulnerable to a denial of service, caused by an error in the processbindelete function within memcached....
Security Bulletin: IBM Tealeaf Customer Experience is affected by a vulnerability in the Apache HTTP server, caused by an error in the mod_log_config module (CVE-2014-0098)
Summary Apache HTTP Server is vulnerable to a denial of service, caused by an error in the modlogconfig module. Vulnerability Details CVE-ID: CVE-2014-0098 DESCRIPTION: IBM Tealeaf Customer Experience’s PCA uses the Apache HTTP server to render its web console. Apache HTTP server is vulnerable to...
pca-one.com XSS vulnerability
Open Bug Bounty ID: OBB-548404 Description| Value ---|--- Affected Website:| pca-one.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Cisco Prime Collaboration Assurance 10.5.x / 10.6.x / 11.0.x / 11.1.x < 11.1.66527 Open Redirect (cisco-sa-20160503-pca)
According to its self-reported version number, the remote Cisco Prime Collaboration Assurance device is 10.5.x, 10.6.x, 11.0.x, or 11.1.x prior to 11.1.66527. It is, therefore, affected by an open redirect vulnerability in the web interface component due to improper sanitization of user-supplied...
Stack overflow
Stack-based buffer overflow in Hospira Communication Engine CE before 1.2 in LifeCare PCA Infusion System 5.07, Plum A+ Infusion System 13.40, and Plum A+3 Infusion System 13.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via traffic on TCP port...
CVE-2015-7909
Stack-based buffer overflow in Hospira Communication Engine CE before 1.2 in LifeCare PCA Infusion System 5.07, Plum A+ Infusion System 13.40, and Plum A+3 Infusion System 13.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via traffic on TCP port...
CVE-2015-7909
Hospira LifeCare PCA Infusion System (v5.07) and Plum A+/A+3 Infusion Systems (CE prior to v1.2) are affected by a stack-based buffer overflow in the Hospira Communication Engine (CE) exposed on TCP port 5000. The vulnerability enables a remote attacker to cause a denial of service (and potential...