Vulnerabilities > Cisco > Prime Collaboration Assurance > 11.0.0

DATE CVE VULNERABILITY TITLE RISK
2019-02-21 CVE-2019-1662 Improper Authentication vulnerability in Cisco Prime Collaboration Assurance
A vulnerability in the Quality of Voice Reporting (QOVR) service of Cisco Prime Collaboration Assurance (PCA) Software could allow an unauthenticated, remote attacker to access the system as a valid user.
network
low complexity
cisco CWE-287
critical
 9.1
9.1
2018-06-07 CVE-2018-0321 Improper Authentication vulnerability in Cisco products
A vulnerability in Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the Java Remote Method Invocation (RMI) system.
network
low complexity
cisco CWE-287
critical
 9.8
9.8
2017-02-22 CVE-2017-3845 Cross-site Scripting vulnerability in Cisco Prime Collaboration Assurance 11.0.0/11.1.0/11.5.0
A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.
network
low complexity
cisco CWE-79
6.1
6.1
2017-02-22 CVE-2017-3844 Improper Input Validation vulnerability in Cisco Prime Collaboration Assurance 11.0.0/11.1.0/11.5.0
A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files.
network
low complexity
cisco CWE-20
4.3
4.3
2017-02-22 CVE-2017-3843 Improper Input Validation vulnerability in Cisco Prime Collaboration Assurance 11.0.0/11.1.0/11.5.0
A vulnerability in the file download functions for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to download system files that should be restricted.
network
low complexity
cisco CWE-20
4.3
4.3
2016-05-05 CVE-2016-1392 Unspecified vulnerability in Cisco Prime Collaboration Assurance
Open redirect vulnerability in Cisco Prime Collaboration Assurance Software 10.5 through 11.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuu34121.
network
low complexity
cisco
7.4
7.4