Vulnerabilities > Cisco > Prime Collaboration Provisioning > 12.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-02 | CVE-2021-34732 | Cross-site Scripting vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
| 2020-05-22 | CVE-2020-3184 | SQL Injection vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 7.2 |
| 2020-03-04 | CVE-2020-3193 | Information Exposure vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to obtain sensitive information about an affected device. | 5.3 |
| 2020-03-04 | CVE-2020-3192 | Cross-site Scripting vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 6.1 |
| 2018-08-01 | CVE-2018-0391 | Unspecified vulnerability in Cisco products A vulnerability in the password change function of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to cause the system to become inoperable. | 6.5 |
| 2018-06-07 | CVE-2018-0317 | Missing Authorization vulnerability in Cisco products A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to escalate their privileges. | 8.8 |
| 2017-11-02 | CVE-2017-12276 | SQL Injection vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web framework code for the SQL database interface of the Cisco Prime Collaboration Provisioning application could allow an authenticated, remote attacker to impact the confidentiality and integrity of the application by executing arbitrary SQL queries, aka SQL Injection. | 8.1 |
| 2017-08-07 | CVE-2017-6756 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Collaboration Provisioning 12.2 A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool through 12.2 could allow an unauthenticated, remote attacker to execute unwanted actions. | 8.8 |