Authentication Flaw in Cisco Prime Central for Hosted Collaboration Solution
CVE-2013-3473

Currently unrated

Key Information:

Vendor: Cisco
Status: Prime Central For Hosted Collaboration Solution Assurance
Vendor: CVE Published:; 20 September 2013

Summary

The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance prior to version 9.1.1 contains a vulnerability that fails to verify authenticated sessions correctly. This oversight enables remote attackers to exploit the system and enumerate usernames and passwords through crafted HTTP requests, potentially leading to unauthorized access and compromise of user accounts.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 20, 2013