4 matches found
CVE-2020-3193
CVE-2020-3193 concerns Cisco Prime Collaboration Provisioning; the web-based management interface reveals unnecessary server information in responses, allowing unauthenticated remote attackers to obtain details about the OS and web server version. Root cause: information disclosure via standard i...
CVE-2017-12276
Cisco Prime Collaboration Provisioning (before v12.3) is affected by an authenticated SQL injection in the web framework’s SQL database interface (CVE-2017-12276). Exploitation requires valid user credentials and can lead to disclosure/integrity impact by executing arbitrary SQL queries through c...
CVE-2020-3192
CVE-2020-3192 affects Cisco Prime Collaboration Provisioning web-based management interface. Root cause: insufficient validation of user-supplied input enabling cross-site scripting (XSS). An unauthenticated, remote attacker could entice a user to click a crafted link to execute arbitrary script ...
CVE-2020-3184
The CVE-2020-3184 entry relates to Cisco Prime Collaboration Provisioning Software. The vulnerability exists in the web-based management interface where input for certain SQL queries is not properly validated. An authenticated attacker with valid admin credentials could exploit this to perform SQ...