Wednesday, August 2, 2017

Cisco Prime Collaboration Provisioning Tool UpgradeManager File Write Vulnerability

A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to write arbitrary files as root on the system.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by triggering the upgrade package installation functionality.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2wm5eum A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to write arbitrary files as root on the system.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by triggering the upgrade package installation functionality.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2wm5eum
Security Impact Rating: Medium
CVE: CVE-2017-6759

from Cisco Security Advisory http://ift.tt/2wm5eum
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)