Vulnerabilities > Cisco > Prime Collaboration Provisioning
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-07-25 | CVE-2017-6755 | Cross-site Scripting vulnerability in Cisco Prime Collaboration Provisioning 12.1 A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning (PCP) Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 6.1 |
2017-07-04 | CVE-2017-6706 | Information Exposure vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information. | 5.1 |
2017-07-04 | CVE-2017-6705 | Information Exposure vulnerability in Cisco Prime Collaboration Provisioning 12.1 A vulnerability in the filesystem of the Cisco Prime Collaboration Provisioning tool could allow an authenticated, local attacker to acquire sensitive information. | 5.5 |
2017-07-04 | CVE-2017-6704 | Path Traversal vulnerability in Cisco Prime Collaboration Provisioning 12.1 A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attacker to read files from the underlying filesystem. | 6.5 |
2017-07-04 | CVE-2017-6703 | Improper Authentication vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session. | 5.9 |
2017-05-22 | CVE-2017-6637 | Improper Input Validation vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to delete any file from an affected system. | 6.5 |
2017-05-22 | CVE-2017-6636 | Path Traversal vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to view any file on an affected system. | 6.5 |
2017-05-22 | CVE-2017-6635 | Missing Authorization vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 12.1) could allow an authenticated, remote attacker to delete any file from an affected system. | 6.5 |
2017-05-18 | CVE-2017-6622 | Missing Authorization vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privileges. | 9.8 |
2017-05-18 | CVE-2017-6621 | Information Exposure vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. | 7.5 |