Vulnerabilities > Cisco > Prime Infrastructure > 3.3.0.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-05 | CVE-2018-15379 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Prime Infrastructure A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. | 7.5 |
2018-05-02 | CVE-2018-0258 | Path Traversal vulnerability in Cisco products A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device (aka Path Traversal) and execute those files. | 10.0 |
2018-01-18 | CVE-2018-0096 | Incorrect Authorization vulnerability in Cisco Prime Infrastructure 3.2(0.0)/3.3(0.0) A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to perform a privilege escalation in which one virtual domain user can view and modify another virtual domain configuration. | 4.9 |