Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco prime collaboration 11.6 vulnerabilities and exploits
(subscribe to this query)
8.4
CVSSv3
CVE-2018-0141
A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software 11.6 could allow an unauthenticated, local malicious user to log in to the underlying Linux operating system. The vulnerability is due to a hard-coded account password on the system. An attacker could exploi...
Cisco Prime Collaboration Assurance 11.6
Cisco Prime Collaboration Provisioning 11.6
Cisco Prime Collaboration 11.6
1 Article
8.8
CVSSv3
CVE-2017-6659
A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. More Information: CSCvc918...
Cisco Prime Collaboration Assurance 11.5(0)
Cisco Prime Collaboration Assurance 11.6
5.1
CVSSv3
CVE-2017-6706
A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local malicious user to acquire sensitive information. More Information: CSCvd07260. Known Affected Releases: 12.1.
Cisco Prime Collaboration Provisioning 11.6 Base
Cisco Prime Collaboration Provisioning 12.1 Base
Cisco Prime Collaboration Provisioning 11.5.0
Cisco Prime Collaboration Provisioning 11.2 Base
5.9
CVSSv3
CVE-2017-6703
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote malicious user to hijack another user's session. More Information: CSCvc90346. Known Affected Releases: 12.1.
Cisco Prime Collaboration Provisioning 11.6 Base
Cisco Prime Collaboration Provisioning 12.1 Base
Cisco Prime Collaboration Provisioning 11.5.0
Cisco Prime Collaboration Provisioning 11.2 Base
9.8
CVSSv3
CVE-2018-0321
A vulnerability in Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote malicious user to access the Java Remote Method Invocation (RMI) system. The vulnerability is due to an open port in the Network Interface and Configuration Engine (NICE) servic...
Cisco Prime Collaboration
Cisco Prime Collaboration Assurance
Cisco Prime Collaboration Provisioning
9.8
CVSSv3
CVE-2018-0318
A vulnerability in the password reset function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote malicious user to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of a password reset request....
Cisco Prime Collaboration
Cisco Prime Collaboration Provisioning
9.8
CVSSv3
CVE-2018-0319
A vulnerability in the password recovery function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote malicious user to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of a password recovery re...
Cisco Prime Collaboration
Cisco Prime Collaboration Provisioning
3.7
CVSSv3
CVE-2016-0701
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 prior to 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote malicious users to discover a private DH exponent by making multiple ha...
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
1 Article
7.5
CVSSv3
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0d
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0a
Hp Operations Agent 11.15
Hp Operations Agent 11.14
1 Github repository
7.5
CVSSv3
CVE-2017-3730
In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0a
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Agile Engineering Data Management 6.1.3
Oracle Agile Engineering Data Management 6.2.0
Oracle Jd Edwards World Security A9.1
Oracle Jd Edwards World Security A9.2
Oracle Jd Edwards World Security A9.3
Oracle Jd Edwards World Security A9.4
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Communications Eagle Lnp Application Processor 10.0
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Communications Application Session Controller 3.7.1
Oracle Communications Application Session Controller 3.8.0
1 EDB exploit
1 Github repository
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »