CVE-2016-1320

MEDIUM

Cisco Prime Collaboration <11.0 - Command Injection

Title source: llm

Description

The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users to execute arbitrary OS commands as root by leveraging administrator privileges, aka Bug ID CSCux69286.

References (2)

[Vendor Advisory] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160209-pcp

[Third Party Advisory] https://www.tenable.com/security/research/tra-2016-38

Scores

CVSS v3 6.7

EPSS 0.0019

EPSS Percentile 40.6%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-78 CWE-264

Status draft

Affected Products (3)

cisco/prime_collaboration

Timeline

Published Feb 12, 2016

Tracked Since Feb 18, 2026