Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CiscoPrime Collaboration Provisioning

15 matches found

CVE
CVEadded 2017/11/02 4:29 p.m.75 views

CVE-2017-12276

A vulnerability in the web framework code for the SQL database interface of the Cisco Prime Collaboration Provisioning application could allow an authenticated, remote attacker to impact the confidentiality and integrity of the application by executing arbitrary SQL queries, aka SQL Injection. The ...

8.1CVSS8.1AI score0.0036EPSS
CVE
CVEadded 2017/05/18 7:29 p.m.48 views

CVE-2017-6621

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to insufficient protection of sensi...

7.5CVSS7.3AI score0.03823EPSS
CVE
CVEadded 2017/05/18 7:29 p.m.43 views

CVE-2017-6622

A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privileges. The vulnerability is due to missing security constraints in certain HTTP request methods, whic...

10CVSS9.7AI score0.77352EPSS
CVE
CVEadded 2017/05/22 1:29 a.m.43 views

CVE-2017-6637

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to delete any file from an affected system. The vulnerability exists because the affected software does not perform proper input validation o...

6.5CVSS6.4AI score0.01136EPSS
CVE
CVEadded 2017/05/22 1:29 a.m.42 views

CVE-2017-6635

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 12.1) could allow an authenticated, remote attacker to delete any file from an affected system. The vulnerability exists because the affected software does not perform proper input validation o...

6.8CVSS6.5AI score0.04886EPSS
CVE
CVEadded 2017/07/25 7:29 p.m.40 views

CVE-2017-6755

A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning (PCP) Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. More Information: CSCvc90312. Known Affected Releases:...

6.1CVSS5.9AI score0.00349EPSS
CVE
CVEadded 2017/08/07 6:29 a.m.40 views

CVE-2017-6756

A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool through 12.2 could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of defense against cross-site request forgery (CSRF) attacks. An attacker could e...

8.8CVSS8.8AI score0.00329EPSS
CVE
CVEadded 2017/09/07 9:29 p.m.40 views

CVE-2017-6793

A vulnerability in the Inventory Management feature of Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to view sensitive information on the system. The vulnerability is due to insufficient protection of restricted information. An attacker could exploit this...

6.5CVSS6.2AI score0.00213EPSS
CVE
CVEadded 2017/07/04 12:29 a.m.39 views

CVE-2017-6704

A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attacker to read files from the underlying filesystem. More Information: CSCvc90335. Known Affected Releas...

6.5CVSS6.4AI score0.00965EPSS
CVE
CVEadded 2017/09/07 9:29 p.m.39 views

CVE-2017-6792

A vulnerability in the batch provisioning feature in Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to overwrite system files as root. The vulnerability is due to lack of input validation of the parameters in BatchFileName and Directory. An attacker could ...

8.5CVSS6.4AI score0.00398EPSS
CVE
CVEadded 2017/07/04 12:29 a.m.38 views

CVE-2017-6703

A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session. More Information: CSCvc90346. Known Affected Releases: 12.1.

5.9CVSS5.8AI score0.00977EPSS
CVE
CVEadded 2017/05/22 1:29 a.m.37 views

CVE-2017-6636

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to view any file on an affected system. The vulnerability exists because the affected software does not perform proper input validation of HT...

6.5CVSS6.4AI score0.03768EPSS
CVE
CVEadded 2017/08/07 6:29 a.m.35 views

CVE-2017-6759

A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool 12.1 could allow an authenticated, remote attacker to write arbitrary files as root on the system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by trig...

6.8CVSS6.5AI score0.0027EPSS
CVE
CVEadded 2017/07/04 12:29 a.m.33 views

CVE-2017-6706

A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information. More Information: CSCvd07260. Known Affected Releases: 12.1.

5.1CVSS5.1AI score0.00068EPSS
CVE
CVEadded 2017/07/04 12:29 a.m.32 views

CVE-2017-6705

A vulnerability in the filesystem of the Cisco Prime Collaboration Provisioning tool could allow an authenticated, local attacker to acquire sensitive information. More Information: CSCvc82973. Known Affected Releases: 12.1.

5.5CVSS5.3AI score0.00078EPSS