Cross-Site Scripting Vulnerability in Cisco Prime Collaboration Provisioning Tool
CVE-2017-6755

6.1MEDIUM

Key Information:

Vendor
Cisco
Status
Cisco Prime Collaboration Provisioning Tool
Vendor
CVE Published:
25 July 2017

Summary

A flaw in the web portal of the Cisco Prime Collaboration Provisioning Tool allows an unauthenticated remote attacker to execute a cross-site scripting (XSS) attack. This can compromise the security of users interacting with the affected web interface, potentially exposing sensitive information or enabling unauthorized access. The vulnerability affects version 12.1 of the tool, highlighting the importance of securing web applications against XSS threats.

Affected Version(s)

Cisco Prime Collaboration Provisioning Tool Cisco Prime Collaboration Provisioning Tool

References

https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/99878
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038960
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.