ID de Prueba:	1.3.6.1.4.1.25623.1.0.105739
Categoría:	CISCO
Título:	Cisco Prime Collaboration Provisioning SQL Injection Vulnerability (cisco-sa-20151008-pcp)
Resumen:	A vulnerability in web framework of Cisco Prime Collaboration; Provisioning (PCP) could allow an authenticated, remote attacker to execute unauthorized SQL; queries.
Descripción:	Summary: A vulnerability in web framework of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to execute unauthorized SQL queries. Vulnerability Insight: The vulnerability is due to a failure to validate user-supplied input used in SQL queries. Vulnerability Impact: An attacker could exploit this vulnerability by sending a crafted SQL statement to an affected system. Successful exploitation could allow the attacker to read, modify, or delete entries in some database tables. Affected Software/OS: Cisco Prime Collaboration Provisioning versions 10.6 and 11.0 are vulnerable. Solution: Update to version 11.0.0.582 or later. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-6329 Cisco Security Advisory: 20151008 Cisco Prime Collaboration Provisioning SQL Injection Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-pcp http://www.securitytracker.com/id/1033783
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.