cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-1856,https://securityvulnerability.io/vulnerability/CVE-2019-1856,Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance (PCA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to the insufficient validation of data supplied by external devices to the web-based management interface of an affected PCA device. An attacker in control of devices integrated with an affected PCA device could exploit this vulnerability by using crafted data in certain fields of the controlled devices. A successful exploit could allow the attacker to execute arbitrary script code in the context of the PCA web-based management interface or allow the attacker to access sensitive browser-based information.",Cisco,Cisco Prime Collaboration Assurance,6.1,MEDIUM,0.0016199999954551458,false,,false,false,true,2024-08-04T19:16:14.000Z,,false,false,,2019-05-03T17:29:00.000Z,0
CVE-2019-1662,https://securityvulnerability.io/vulnerability/CVE-2019-1662,Cisco Prime Collaboration Assurance Software Unauthenticated Access Vulnerability,"A vulnerability in the Quality of Voice Reporting (QOVR) service of Cisco Prime Collaboration Assurance (PCA) Software could allow an unauthenticated, remote attacker to access the system as a valid user. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by connecting to the QOVR service with a valid username. A successful exploit could allow the attacker to perform actions with the privileges of the user that is used for access. This vulnerability affects Cisco PCA Software Releases prior to 12.1 SP2.",Cisco,Cisco Prime Collaboration Assurance,8.2,HIGH,0.0026499999221414328,false,,false,false,true,2024-08-04T19:16:03.000Z,,false,false,,2019-02-21T17:29:00.000Z,0
CVE-2018-15450,https://securityvulnerability.io/vulnerability/CVE-2018-15450,Cisco Prime Collaboration Assurance File Overwrite Vulnerability,"A vulnerability in the web-based UI of Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to overwrite files on the file system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a specific UI input field to provide a custom path location. A successful exploit could allow the attacker to overwrite files on the file system.",Cisco,Cisco Prime Collaboration Assurance,6.5,MEDIUM,0.0006600000197067857,false,,false,false,true,2024-08-05T10:17:53.000Z,,false,false,,2018-11-08T20:29:00.000Z,0
CVE-2018-15438,https://securityvulnerability.io/vulnerability/CVE-2018-15438,Cisco Prime Collaboration Assurance Cross-Site Request Forgery Vulnerability,"A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to use a web browser to perform arbitrary actions with the privileges of the user on an affected system.",Cisco,Cisco Prime Collaboration Assurance,6.5,MEDIUM,0.0011899999808520079,false,,false,false,true,2024-08-05T10:17:52.000Z,,false,false,,2018-10-17T00:00:00.000Z,0
CVE-2018-0458,https://securityvulnerability.io/vulnerability/CVE-2018-0458,Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a customized link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive browser-based information.",Cisco,Cisco Prime Collaboration Assurance,6.1,MEDIUM,0.0008999999845400453,false,,false,false,false,,,false,false,,2018-10-05T14:29:00.000Z,0
CVE-2017-6659,https://securityvulnerability.io/vulnerability/CVE-2017-6659,,"A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. More Information: CSCvc91800. Known Affected Releases: 11.5(0) 11.6.",Cisco,Cisco Prime Collaboration Assurance,8.8,HIGH,0.0018100000452250242,false,,false,false,false,,,false,false,,2017-06-13T06:00:00.000Z,0
CVE-2017-3845,https://securityvulnerability.io/vulnerability/CVE-2017-3845,,"A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. Affected Products: Cisco Prime Collaboration Assurance software versions 11.0, 11.1, and 11.5 are vulnerable. Cisco Prime Collaboration Assurance software versions prior to 11.0 are not vulnerable. More Information: CSCvc77783. Known Affected Releases: 11.5(0).",Cisco,Cisco Prime Collaboration Assurance,6.1,MEDIUM,0.0023900000378489494,false,,false,false,false,,,false,false,,2017-02-22T02:00:00.000Z,0
CVE-2017-3843,https://securityvulnerability.io/vulnerability/CVE-2017-3843,,"A vulnerability in the file download functions for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to download system files that should be restricted. More Information: CSCvc99446. Known Affected Releases: 11.5(0).",Cisco,Cisco Prime Collaboration Assurance,4.3,MEDIUM,0.0009800000116229057,false,,false,false,false,,,false,false,,2017-02-22T02:00:00.000Z,0
CVE-2017-3844,https://securityvulnerability.io/vulnerability/CVE-2017-3844,,"A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files. Affected Products: Cisco Prime Collaboration Assurance software versions 11.0, 11.1, and 11.5 are vulnerable. Cisco Prime Collaboration Assurance software versions prior to 11.0 are not vulnerable. More Information: CSCvc86238. Known Affected Releases: 11.5(0).",Cisco,Cisco Prime Collaboration Assurance,4.3,MEDIUM,0.0010100000072270632,false,,false,false,false,,,false,false,,2017-02-22T02:00:00.000Z,0
CVE-2016-9200,https://securityvulnerability.io/vulnerability/CVE-2016-9200,,"A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface. More Information: CSCut43268. Known Affected Releases: 10.5(1) 10.6.",Cisco,Cisco Prime Collaboration Assurance,6.1,MEDIUM,0.0010000000474974513,false,,false,false,false,,,false,false,,2016-12-14T00:37:00.000Z,0
CVE-2016-1392,https://securityvulnerability.io/vulnerability/CVE-2016-1392,,"Open redirect vulnerability in Cisco Prime Collaboration Assurance Software 10.5 through 11.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuu34121.",Cisco,Prime Collaboration Assurance,7.4,HIGH,0.0014100000262260437,false,,false,false,false,,,false,false,,2016-05-05T21:00:00.000Z,0
CVE-2015-6389,https://securityvulnerability.io/vulnerability/CVE-2015-6389,,"Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote attackers to obtain access by establishing an SSH session and leveraging knowledge of this account's password, aka Bug ID CSCus62707.",Cisco,Prime Collaboration Assurance,,,0.005549999885261059,false,,false,false,false,,,false,false,,2015-12-13T02:00:00.000Z,0
CVE-2015-6330,https://securityvulnerability.io/vulnerability/CVE-2015-6330,,"Cross-site request forgery (CSRF) vulnerability in Cisco Prime Collaboration Assurance 10.5(1) and 10.6 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus62712.",Cisco,Prime Collaboration Assurance,,,0.0010900000343099236,false,,false,false,false,,,false,false,,2015-11-18T11:00:00.000Z,0
CVE-2015-6328,https://securityvulnerability.io/vulnerability/CVE-2015-6328,,"The web framework in Cisco Prime Collaboration Assurance (PCA) 10.5(1) allows remote authenticated users to bypass intended access restrictions and read arbitrary files via a crafted URL, aka Bug ID CSCus88380.",Cisco,Prime Collaboration Assurance,,,0.0007200000109151006,false,,false,false,false,,,false,false,,2015-10-13T00:00:00.000Z,0
CVE-2015-6331,https://securityvulnerability.io/vulnerability/CVE-2015-6331,,"SQL injection vulnerability in the web framework in Cisco Prime Collaboration Assurance 10.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCus39887.",Cisco,Prime Collaboration Assurance,,,0.0010900000343099236,false,,false,false,false,,,false,false,,2015-10-12T10:00:00.000Z,0
CVE-2015-4304,https://securityvulnerability.io/vulnerability/CVE-2015-4304,,"The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended access restrictions, and create administrative accounts or read data from arbitrary tenant domains, via a crafted URL, aka Bug IDs CSCus62671 and CSCus62652.",Cisco,Prime Collaboration Assurance,,,0.0010900000343099236,false,,false,false,false,,,false,false,,2015-09-20T01:00:00.000Z,0
CVE-2015-4306,https://securityvulnerability.io/vulnerability/CVE-2015-4306,,"The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended login-session read restrictions, and impersonate administrators of arbitrary tenant domains, by discovering a session identifier and constructing a crafted URL, aka Bug IDs CSCus88343 and CSCus88334.",Cisco,Prime Collaboration Assurance,,,0.0010900000343099236,false,,false,false,false,,,false,false,,2015-09-20T01:00:00.000Z,0
CVE-2015-4305,https://securityvulnerability.io/vulnerability/CVE-2015-4305,,"The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended system-database read restrictions, and discover credentials or SNMP communities for arbitrary tenant domains, via a crafted URL, aka Bug ID CSCus62656.",Cisco,Prime Collaboration Assurance,,,0.0011500000255182385,false,,false,false,false,,,false,false,,2015-09-20T01:00:00.000Z,0
CVE-2015-4292,https://securityvulnerability.io/vulnerability/CVE-2015-4292,,"Cross-site scripting (XSS) vulnerability in the management interface in Cisco Prime Central for Hosted Collaboration Solution (PC4HCS) 10.6(2) allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuv45818.",Cisco,Prime Central For Hosted Collaboration Solution Assurance,,,0.0013500000350177288,false,,false,false,false,,,false,false,,2015-08-01T01:00:00.000Z,0
CVE-2013-3473,https://securityvulnerability.io/vulnerability/CVE-2013-3473,,"The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600.",Cisco,Prime Central For Hosted Collaboration Solution Assurance,,,0.0035200000274926424,false,,false,false,false,,,false,false,,2013-09-20T18:55:00.000Z,0
CVE-2013-3390,https://securityvulnerability.io/vulnerability/CVE-2013-3390,,"Memory leak in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets, aka Bug ID CSCub59158.",Cisco,Prime Central For Hosted Collaboration Solution Assurance,,,0.001610000035725534,false,,false,false,false,,,false,false,,2013-08-25T03:27:00.000Z,0
CVE-2013-3387,https://securityvulnerability.io/vulnerability/CVE-2013-3387,,"Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to port 5400, leading to large error-log files, aka Bug ID CSCua42724.",Cisco,Prime Central For Hosted Collaboration Solution Assurance,,,0.001610000035725534,false,,false,false,false,,,false,false,,2013-08-25T03:27:00.000Z,0
CVE-2013-3389,https://securityvulnerability.io/vulnerability/CVE-2013-3389,,"Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets to port (1) 61615 or (2) 61616, aka Bug ID CSCtz90114.",Cisco,Prime Central For Hosted Collaboration Solution Assurance,,,0.001610000035725534,false,,false,false,false,,,false,false,,2013-08-25T03:27:00.000Z,0
CVE-2013-3388,https://securityvulnerability.io/vulnerability/CVE-2013-3388,,"Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets to port 44444, aka Bug ID CSCtz92776.",Cisco,Prime Central For Hosted Collaboration Solution Assurance,,,0.001610000035725534,false,,false,false,false,,,false,false,,2013-08-25T03:27:00.000Z,0
CVE-2013-1135,https://securityvulnerability.io/vulnerability/CVE-2013-1135,,"Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.0 allows remote attackers to cause a denial of service (CPU consumption and monitoring outage) via malformed TLS messages to TCP port (1) 9043 or (2) 9443, aka Bug ID CSCuc07155.",Cisco,Prime Central For Hosted Collaboration Solution Assurance,,,0.0018100000452250242,false,,false,false,false,,,false,false,,2013-02-27T21:00:00.000Z,0