CVE-2017-6703

MEDIUM

Cisco Prime Collaboration Provisioning - Authentication Bypass

Title source: rule

Description

A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session. More Information: CSCvc90346. Known Affected Releases: 12.1.

References (3)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/99224

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1038744

[Vendor Advisory] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp1

Scores

CVSS v3 5.9

EPSS 0.0098

EPSS Percentile 76.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N

Details

CWE

CWE-287

Status published

Products (5)

cisco/prime_collaboration_provisioning

n/a/Cisco Prime Collaboration Provisioning Tool < Cisco Prime Collaboration Provisioning Tool

Published Jul 04, 2017

Tracked Since Feb 18, 2026