cisco-sa-20181107-pca-overwrite

Cisco Prime Collaboration Assurance File Overwrite Vulnerability

cisco-sa-20181107-pca-overwrite · Medium · Published 7 years ago · Updated 7 years ago

A vulnerability in the web-based UI of Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to overwrite files on the file system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a specific UI input field to provide a custom path location. A successful exploit could allow the attacker to overwrite files on the file system. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-pca-overwrite

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEs	CVE-2018-15450
Cisco Bug IDs	CSCvj07247
CVSS Score	Base 6.5 Base 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:X/RL:X/RC:X
Product Names From Source	Cisco Prime Collaboration Assurance

Related Products

Product	CVE	Evidence
Cisco Prime Collaboration	CVE-2018-15450	Cisco OpenVuln
Cisco Prime Collaboration Assurance	CVE-2018-15450	Cisco OpenVuln

Vulnslist

find the latest Cisco vulnerabilities

Cisco Prime Collaboration Assurance File Overwrite Vulnerability

Workarounds

Related Products