Cisco

Prime Collaboration Assurance

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2016-9200

  • EPSS 0.31%
  • Veröffentlicht 14.12.2016 00:59:20
  • Zuletzt bearbeitet 12.04.2025 10:46:40

A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface. More Information: CSCut43268. Known...

7.4

CVE-2016-1392

  • EPSS 0.22%
  • Veröffentlicht 05.05.2016 21:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Open redirect vulnerability in Cisco Prime Collaboration Assurance Software 10.5 through 11.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuu34121.

9

CVE-2015-6389

  • EPSS 0.55%
  • Veröffentlicht 13.12.2015 03:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote attackers to obtain access by establishing an SSH session and leveraging knowledge of this account's password, aka Bug ID CSCus62707.

6.8

CVE-2015-6330

  • EPSS 0.12%
  • Veröffentlicht 18.11.2015 11:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in Cisco Prime Collaboration Assurance 10.5(1) and 10.6 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus62712.

6.8

CVE-2015-6328

  • EPSS 0.17%
  • Veröffentlicht 13.10.2015 00:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The web framework in Cisco Prime Collaboration Assurance (PCA) 10.5(1) allows remote authenticated users to bypass intended access restrictions and read arbitrary files via a crafted URL, aka Bug ID CSCus88380.

6.5

CVE-2015-6331

  • EPSS 0.29%
  • Veröffentlicht 12.10.2015 10:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

SQL injection vulnerability in the web framework in Cisco Prime Collaboration Assurance 10.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCus39887.

8.5

CVE-2015-4306

  • EPSS 0.37%
  • Veröffentlicht 20.09.2015 01:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended login-session read restrictions, and impersonate administrators of arbitrary tenant domains, by discovering a session ...

4

CVE-2015-4305

  • EPSS 0.17%
  • Veröffentlicht 20.09.2015 01:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended system-database read restrictions, and discover credentials or SNMP communities for arbitrary tenant domains, via a cr...

9

CVE-2015-4304

  • EPSS 0.36%
  • Veröffentlicht 20.09.2015 01:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended access restrictions, and create administrative accounts or read data from arbitrary tenant domains, via a crafted URL,...