Vulnerabilities > Cisco > Prime Collaboration Provisioning
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-11-03 | CVE-2016-6451 | Cross-site Scripting vulnerability in Cisco Prime Collaboration Provisioning 10.6.0 Multiple vulnerabilities in the web framework code of the Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. | 4.3 |
2016-07-02 | CVE-2016-1416 | Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Collaboration Provisioning 10.6.2 Cisco Prime Collaboration Provisioning 10.6 SP2 (aka 10.6.0.10602) mishandles LDAP authentication, which allows remote attackers to obtain administrator privileges via a crafted login attempt, aka Bug ID CSCuv37513. | 10.0 |
2015-10-12 | CVE-2015-6329 | SQL Injection vulnerability in Cisco Prime Collaboration Provisioning 10.6.0/11.0.0 SQL injection vulnerability in Cisco Prime Collaboration Provisioning 10.6 and 11.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCut64074. | 6.5 |
2015-09-20 | CVE-2015-4307 | Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Collaboration Provisioning The web framework in Cisco Prime Collaboration Provisioning before 11.0 allows remote authenticated users to bypass intended access restrictions and create administrative accounts via a crafted URL, aka Bug ID CSCut64111. | 9.0 |