2015 m. rugsėjo 22 d., antradienis

Cisco Security Advisory: Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability

Cisco Security Advisory: Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability


Advisory ID: cisco-sa-20150916-pcp

Revision 1.0

For Public Release 2015 September 16 16:00  UTC (GMT)

+-----------------------------------------------------------
----------

Summary
=======
A vulnerability in the web framework of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to access higher-privileged functions.

An exploit could allow the attacker to access functions some of which should be accessible only to users who have administrative privileges. This includes creating an administrative user.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-pcp
Pranešimą parašė ties

Komentarų nėra:

Rašyti komentarą

Užsisakykite: Rašyti komentarus (Atom)