Cisco Prime Collaboration Assurance File Overwrite Vulnerability
CVE-2018-15450

6.5MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Prime Collaboration Assurance
Vendor: CVE Published:; 8 November 2018

Badges

👾 Exploit Exists

Summary

A vulnerability in the web-based UI of Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to overwrite files on the file system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a specific UI input field to provide a custom path location. A successful exploit could allow the attacker to overwrite files on the file system.

Affected Version(s)

Cisco Prime Collaboration Assurance

References

http://www.securityfocus.com/bid/105864

vdb-entryx_refsource_BID

https://tools.cisco.com/security/center/content/CiscoSecu...

vendor-advisoryx_refsource_CISCO

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Aug 5, 2024
Vulnerability published
Nov 8, 2018
Vulnerability Reserved
Aug 17, 2018