 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.811056 |
| Category: | CISCO |
| Title: | Cisco Prime Collaboration Provisioning Multiple Directory Traversal Vulnerabilities (May 2017) |
| Summary: | cisco prime collaboration provisioning is prone to multiple directory traversal vulnerabilities. |
| Description: | Summary: cisco prime collaboration provisioning is prone to multiple directory traversal vulnerabilities. Vulnerability Insight: Multiple flaws exist as the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls (RBACs) to requested HTTP URLs. Vulnerability Impact: Successful exploitation will allow an authenticated, remote attacker to view or delete any file on an affected system. Affected Software/OS: Cisco Prime Collaboration Provisioning Software Releases 9.0.0, 9.5.0, 10.0.0, 10.5.0, 10.5.1 and 10.6 through 11.0 Solution: Upgrade to Cisco Prime Collaboration Provisioning Software Release 11.1 or later. Please see the references for more information. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-6637 BugTraq ID: 98530 http://www.securityfocus.com/bid/98530 http://www.securitytracker.com/id/1038515 Common Vulnerability Exposure (CVE) ID: CVE-2017-6636 BugTraq ID: 98526 http://www.securityfocus.com/bid/98526 |
| Copyright | Copyright (C) 2017 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |