CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1320
https://notcve.org/view.php?id=CVE-2016-1320
The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users to execute arbitrary OS commands as root by leveraging administrator privileges, aka Bug ID CSCux69286. El CLI en Cisco Prime Collaboration 9.0 y 11.0 permite a usuarios locales ejecutar comandos SO arbitrarios como root aprovechando privilegios de administrador, también conocida como Bug ID CSCux69286. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160209-pcp https://www.tenable.com/security/research/tra-2016-38 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-6329
https://notcve.org/view.php?id=CVE-2015-6329
SQL injection vulnerability in Cisco Prime Collaboration Provisioning 10.6 and 11.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCut64074. Vulnerabilidad de inyección SQL en Cisco Prime Collaboration Provisioning 10.6 y 11.0 permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a través de vectores no especificados, también conocido como Bug ID CSCut64074. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-pcp http://www.securitytracker.com/id/1033783 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •