Page 4 of 17 results (0.003 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-6704

https://notcve.org/view.php?id=CVE-2017-6704

A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attacker to read files from the underlying filesystem. More Information: CSCvc90335. Known Affected Releases: 12.1. Una vulnerabilidad en la aplicación web en la herramienta Prime Collaboration Provisioning de Cisco, podría permitir a un atacante remoto identificado conducir descargas de archivos arbitrarias que podrían permitir que el atacante lea archivos del sistema de archivos subyacente. Más información: CSCvc90335. • http://www.securityfocus.com/bid/99223 http://www.securitytracker.com/id/1038744 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp2 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0

CVE-2017-6703

https://notcve.org/view.php?id=CVE-2017-6703

A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session. More Information: CSCvc90346. Known Affected Releases: 12.1. Una vulnerabilidad en la aplicación web en la herramienta Prime Collaboration Provisioning de Cisco, podría permitir a un atacante remoto no identificado secuestrar la sesión de otro usuario. Más información: CSCvc90346. • http://www.securityfocus.com/bid/99224 http://www.securitytracker.com/id/1038744 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp1 • CWE-287: Improper Authentication •