Test Kennung:	1.3.6.1.4.1.25623.1.0.106970
Kategorie:	CISCO
Titel:	Cisco Prime Collaboration Provisioning Tool Web Portal Cross-Site Scripting Vulnerability
Zusammenfassung:	A vulnerability in the web portal of the Cisco Prime Collaboration;Provisioning (PCP) Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS);attack against a user of the web interface of an affected system.
Beschreibung:	Summary: A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning (PCP) Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. Vulnerability Insight: The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by sending malicious JavaScript code to the PCP administrative UI. Vulnerability Impact: A successful exploit could allow the attacker to perform actions as a higher-level administrator. Solution: Update to version 12.1.0.692 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-6755 BugTraq ID: 99878 http://www.securityfocus.com/bid/99878 http://www.securitytracker.com/id/1038960
Copyright	Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.