Cisco Prime Collaboration Provisioning Tool Session Hijacking Vulnerability

A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session.

The vulnerability is due to insufficient session management during user authentication. An attacker could exploit this vulnerability by performing a session fixation attack against the web application.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2rVb17U A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session.

The vulnerability is due to insufficient session management during user authentication. An attacker could exploit this vulnerability by performing a session fixation attack against the web application.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2rVb17U
Security Impact Rating: Medium
CVE: CVE-2017-6703

from Cisco Security Advisory http://ift.tt/2rVb17U