Vulnerabilities > Cisco > Prime Collaboration Assurance > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-03 | CVE-2019-1856 | Cross-site Scripting vulnerability in Cisco Prime Collaboration Assurance 12.1 A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance (PCA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2018-10-17 | CVE-2018-15438 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Collaboration Assurance 12.1 A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. | 6.5 |
| 2018-10-05 | CVE-2018-0458 | Cross-site Scripting vulnerability in Cisco Prime Collaboration Assurance 11.6.0 A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2017-02-22 | CVE-2017-3845 | Cross-site Scripting vulnerability in Cisco Prime Collaboration Assurance 11.0.0/11.1.0/11.5.0 A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2017-02-22 | CVE-2017-3844 | Improper Input Validation vulnerability in Cisco Prime Collaboration Assurance 11.0.0/11.1.0/11.5.0 A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files. | 4.3 |
| 2017-02-22 | CVE-2017-3843 | Improper Input Validation vulnerability in Cisco Prime Collaboration Assurance 11.0.0/11.1.0/11.5.0 A vulnerability in the file download functions for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to download system files that should be restricted. | 4.3 |
| 2016-12-14 | CVE-2016-9200 | Cross-site Scripting vulnerability in Cisco Prime Collaboration Assurance 10.5.1/10.6.0 A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface. | 6.1 |