3 matches found
CVE-2023-20060
CVE-2023-20060 relates to Cisco Prime Collaboration Deployment’s web-based management interface. The issue arises from improper validation of user-supplied input, enabling an unauthenticated, remote attacker to lure a user into clicking a crafted link and execute arbitrary script code in the inte...
CVE-2023-20259
CVE-2023-20259 concerns Cisco Unified Communications products exposing an unauthenticated API that can be abused to cause high CPU utilization and DoS, potentially impacting web management access and call processing. The issue arises from improper API authentication and incomplete validation of A...
CVE-2016-1437
CVE-2016-1437 is a SQL injection vulnerability in the SQL database of Cisco Prime Collaboration Deployment, affecting versions prior to 11.5.1. The flaw allows remote authenticated users to execute arbitrary SQL commands via a crafted URL (Bug CSCuy92549). Exploitation relies on inadequate input ...