VYPR

Prime Collaboration Provisioning

by Cisco Systems, Inc.

CVEs (36)

  • CVE-2017-6793MedSep 7, 2017
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the Inventory Management feature of Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to view sensitive information on the system. The vulnerability is due to insufficient protection of restricted information. An…

  • CVE-2017-6792MedSep 7, 2017
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the batch provisioning feature in Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to overwrite system files as root. The vulnerability is due to lack of input validation of the parameters in BatchFileName and…

  • CVE-2017-6759MedAug 7, 2017
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool 12.1 could allow an authenticated, remote attacker to write arbitrary files as root on the system. The vulnerability is due to insufficient input validation. An attacker could exploit this…

  • CVE-2017-6704MedJul 4, 2017
    risk 0.42cvss 6.5epss 0.03

    A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attacker to read files from the underlying filesystem. More Information: CSCvc90335.…

  • CVE-2018-0205MedFeb 22, 2018
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the User Provisioning tab in the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. The vulnerability is due to improper input validation. An attacker could exploit this…

  • CVE-2017-6755MedJul 25, 2017
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning (PCP) Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. More Information: CSCvc90312.…

  • CVE-2016-6451MedNov 3, 2016
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web framework code of the Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. More Information:…

  • CVE-2017-6703MedJul 4, 2017
    risk 0.38cvss 5.9epss 0.02

    A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session. More Information: CSCvc90346. Known Affected Releases: 12.1.

  • CVE-2017-6705MedJul 4, 2017
    risk 0.36cvss 5.5epss 0.00

    A vulnerability in the filesystem of the Cisco Prime Collaboration Provisioning tool could allow an authenticated, local attacker to acquire sensitive information. More Information: CSCvc82973. Known Affected Releases: 12.1.

  • CVE-2017-6706MedJul 4, 2017
    risk 0.33cvss 5.1epss 0.00

    A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information. More Information: CSCvd07260. Known Affected Releases: 12.1.

  • CVE-2021-34732Sep 2, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of…

  • CVE-2020-3184May 22, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface…

  • CVE-2020-3193Mar 4, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to obtain sensitive information about an affected device. The vulnerability exists because replies from the web-based management…

  • CVE-2020-3192Mar 4, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to…

  • CVE-2015-6329Oct 12, 2015
    risk 0.00cvss epss 0.02

    SQL injection vulnerability in Cisco Prime Collaboration Provisioning 10.6 and 11.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCut64074.

  • CVE-2015-4307Sep 20, 2015
    risk 0.00cvss epss 0.03

    The web framework in Cisco Prime Collaboration Provisioning before 11.0 allows remote authenticated users to bypass intended access restrictions and create administrative accounts via a crafted URL, aka Bug ID CSCut64111.

Page 2 of 2