Vulnerabilities > Cisco > Prime Collaboration Provisioning > 12.1.base

DATE CVE VULNERABILITY TITLE RISK
2021-09-02 CVE-2021-34732 Cross-site Scripting vulnerability in Cisco Prime Collaboration Provisioning
A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
cisco CWE-79
6.1
6.1
2020-05-22 CVE-2020-3184 SQL Injection vulnerability in Cisco Prime Collaboration Provisioning
A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.
network
low complexity
cisco CWE-89
6.5
6.5
2020-03-04 CVE-2020-3193 Information Exposure vulnerability in Cisco Prime Collaboration Provisioning
A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to obtain sensitive information about an affected device.
network
low complexity
cisco CWE-200
5.0
5.0
2020-03-04 CVE-2020-3192 Cross-site Scripting vulnerability in Cisco Prime Collaboration Provisioning
A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface.
network
cisco CWE-79
4.3
4.3
2018-08-01 CVE-2018-0391 Unspecified vulnerability in Cisco products
A vulnerability in the password change function of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to cause the system to become inoperable.
network
low complexity
cisco
6.8
6.8
2018-06-07 CVE-2018-0317 Missing Authorization vulnerability in Cisco products
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to escalate their privileges.
network
low complexity
cisco CWE-862
6.5
6.5
2017-11-02 CVE-2017-12276 SQL Injection vulnerability in Cisco Prime Collaboration Provisioning
A vulnerability in the web framework code for the SQL database interface of the Cisco Prime Collaboration Provisioning application could allow an authenticated, remote attacker to impact the confidentiality and integrity of the application by executing arbitrary SQL queries, aka SQL Injection.
network
low complexity
cisco CWE-89
5.5
5.5
2017-07-04 CVE-2017-6706 Information Exposure vulnerability in Cisco Prime Collaboration Provisioning
A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information.
local
low complexity
cisco CWE-200
3.6
3.6
2017-07-04 CVE-2017-6703 Improper Authentication vulnerability in Cisco Prime Collaboration Provisioning
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session.
network
high complexity
cisco CWE-287
4.0
4.0