Cross-Site Scripting Vulnerability in Cisco Prime Collaboration Provisioning Tool
CVE-2018-0205

6.1MEDIUM

Key Information:

Vendor

Cisco
Status
Cisco Prime Collaboration Provisioning Tool
Vendor
CVE Published:
22 February 2018

What is CVE-2018-0205?

A vulnerability in the User Provisioning tab of Cisco's Prime Collaboration Provisioning Tool arises from insufficient input validation. An unauthenticated, remote attacker could exploit this by inserting malicious strings into the database, potentially granting unauthorized access. This allows attackers to execute scripts in the context of the web application, leading to further exploits and data exposure. It is crucial for organizations using this tool to apply fixes and implement security best practices to mitigate risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Cisco Prime Collaboration Provisioning Tool Cisco Prime Collaboration Provisioning Tool

References

http://www.securityfocus.com/bid/103145
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1040409
vdb-entryx_refsource_SECTRACK
https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.