ID de Prueba:	1.3.6.1.4.1.25623.1.0.811050
Categoría:	CISCO
Título:	Cisco Prime Provisioning Multiple Vulnerabilities (May 2017)
Resumen:	cisco prime collaboration provisioning is prone to multiple vulnerabilities.
Descripción:	Summary: cisco prime collaboration provisioning is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - Missing security constraints in certain HTTP request methods, which could allow access to files via the web interface. - The affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls (RBACs) to requested HTTP URLs. Vulnerability Impact: Successful exploitation will allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privileges. Also an authenticated remote attacker can delete any file from an affected system. Affected Software/OS: Cisco Prime Collaboration Provisioning Software Releases 9.0.0, 9.5.0, 10.0.0, 10.5.0, 10.5.1 and 10.6 through 11.5 Solution: Upgrade to Cisco Prime Collaboration Provisioning Software Release 12.1 or later. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-6622 BugTraq ID: 98520 http://www.securityfocus.com/bid/98520 https://www.exploit-db.com/exploits/42888/ http://www.securitytracker.com/id/1038507 Common Vulnerability Exposure (CVE) ID: CVE-2017-6635 BugTraq ID: 98535 http://www.securityfocus.com/bid/98535 http://www.securitytracker.com/id/1038514
Copyright	Copyright (C) 2017 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.