1 results (0.005 seconds)
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2017-3791
https://notcve.org/view.php?id=CVE-2017-3791
01 Feb 2017 — A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges. The vulnerability is due to a processing error in the role-based access control (RBAC) of URLs. An attacker could exploit this vulnerability by sending API commands via HTTP to a particular URL without prior authentication. An exploit could allow the attacker to perform any actions in Cisco Prime Home with administrator privilege... • http://www.securityfocus.com/bid/95933 • CWE-287: Improper Authentication •