Описание
A vulnerability in the web-based UI of Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to overwrite files on the file system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a specific UI input field to provide a custom path location. A successful exploit could allow the attacker to overwrite files on the file system.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
EPSS
6.5 Medium
CVSS3
6.5 Medium
CVSS3
5.5 Medium
CVSS2
Дефекты
Связанные уязвимости
A vulnerability in the web-based UI of Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to overwrite files on the file system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a specific UI input field to provide a custom path location. A successful exploit could allow the attacker to overwrite files on the file system.
Уязвимость веб-интерфейса программного средства управления унифицированными коммуникациями Cisco Prime Collaboration Assurance, вызванная ошибками при обработке входных данных, позволяющая нарушителю перезаписывать файлы в файловой системе
EPSS
6.5 Medium
CVSS3
6.5 Medium
CVSS3
5.5 Medium
CVSS2