Vulnerabilities > Cisco > Prime Collaboration Provisioning

DATE CVE VULNERABILITY TITLE RISK
2016-11-03 CVE-2016-6451 Cross-site Scripting vulnerability in Cisco Prime Collaboration Provisioning 10.6.0
Multiple vulnerabilities in the web framework code of the Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system.
network
low complexity
cisco CWE-79
6.1
2016-07-02 CVE-2016-1416 Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Collaboration Provisioning 10.6.2
Cisco Prime Collaboration Provisioning 10.6 SP2 (aka 10.6.0.10602) mishandles LDAP authentication, which allows remote attackers to obtain administrator privileges via a crafted login attempt, aka Bug ID CSCuv37513.
network
low complexity
cisco CWE-264
critical
9.8