Product:

Prime_collaboration

(Cisco)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 18
Date Id Summary Products Score Patch Annotated
2018-06-07 CVE-2018-0317 A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to escalate their privileges. The vulnerability is due to insufficient web portal access control checks. An attacker could exploit this vulnerability by modifying an access request. An exploit could allow the attacker to promote their account to any role defined on the system. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 12.2... Prime_collaboration, Prime_collaboration_provisioning 8.8
2018-03-08 CVE-2018-0141 A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software 11.6 could allow an unauthenticated, local attacker to log in to the underlying Linux operating system. The vulnerability is due to a hard-coded account password on the system. An attacker could exploit this vulnerability by connecting to the affected system via Secure Shell (SSH) using the hard-coded credentials. A successful exploit could allow the attacker to access the underlying operating system as a low-privileged... Prime_collaboration, Prime_collaboration_assurance, Prime_collaboration_provisioning 8.4
2016-02-12 CVE-2016-1320 The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users to execute arbitrary OS commands as root by leveraging administrator privileges, aka Bug ID CSCux69286. Prime_collaboration 6.7
2015-07-18 CVE-2015-4280 Cisco Prime Collaboration Assurance 10.0 allows remote attackers to cause a denial of service (HTTP service outage) via a crafted HTTP request, aka Bug ID CSCum38844. Prime_collaboration N/A
2015-06-17 CVE-2015-4188 SQL injection vulnerability in the Manager interface in Cisco Prime Collaboration 10.5(1) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug IDs CSCuu29910, CSCuu29928, and CSCuu59104. Prime_collaboration N/A
2013-12-03 CVE-2013-6690 Multiple cross-site scripting (XSS) vulnerabilities in the web interface in the Assurance component in Cisco Prime Collaboration allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCui92643, CSCui94038, and CSCui94161. Prime_collaboration N/A
2013-04-29 CVE-2013-1196 The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning Manager, Network Services Manager, Prime Data Center Network Manager (DCNM), and Quad does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs... Application_networking_manager, Context_directory_agent, Identity_services_engine_software, Network_services_manager, Prime_collaboration, Prime_data_center_network_manager, Prime_lan_management_solution, Prime_network_control_system, Quad, Secure_access_control_system, Unified_provisioning_manager N/A
2013-02-19 CVE-2013-1125 The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, and Network Services Manager does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025,... Application_networking_manager, Context_directory_agent, Identity_services_engine_software, Network_services_manager, Prime_collaboration, Prime_lan_management_solution, Prime_network_control_system, Quad, Secure_access_control_system, Unified_provisioning_manager N/A