Vulnerabilities > Cisco > Prime Collaboration Provisioning
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-07 | CVE-2018-0317 | Missing Authorization vulnerability in Cisco products A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to escalate their privileges. | 6.5 |
| 2018-06-07 | CVE-2017-6779 | Resource Exhaustion vulnerability in Cisco products Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. | 7.8 |
| 2018-03-08 | CVE-2018-0141 | Use of Hard-coded Credentials vulnerability in Cisco products A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software 11.6 could allow an unauthenticated, local attacker to log in to the underlying Linux operating system. | 7.2 |
| 2018-02-22 | CVE-2018-0205 | Cross-site Scripting vulnerability in Cisco Prime Collaboration Provisioning 12.1 A vulnerability in the User Provisioning tab in the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. | 4.3 |
| 2018-02-22 | CVE-2018-0204 | Weak Password Requirements vulnerability in Cisco Prime Collaboration Provisioning 12.1 A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition for individual users. | 5.0 |
| 2017-11-02 | CVE-2017-12276 | SQL Injection vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web framework code for the SQL database interface of the Cisco Prime Collaboration Provisioning application could allow an authenticated, remote attacker to impact the confidentiality and integrity of the application by executing arbitrary SQL queries, aka SQL Injection. | 5.5 |
| 2017-09-07 | CVE-2017-6793 | Information Exposure vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the Inventory Management feature of Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to view sensitive information on the system. | 4.0 |
| 2017-09-07 | CVE-2017-6792 | Improper Input Validation vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the batch provisioning feature in Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to overwrite system files as root. | 8.5 |
| 2017-08-07 | CVE-2017-6759 | Improper Input Validation vulnerability in Cisco Prime Collaboration Provisioning 12.1 A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool 12.1 could allow an authenticated, remote attacker to write arbitrary files as root on the system. | 6.8 |
| 2017-08-07 | CVE-2017-6756 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Collaboration Provisioning 12.2 A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool through 12.2 could allow an unauthenticated, remote attacker to execute unwanted actions. | 6.8 |