Test Kennung:	1.3.6.1.4.1.25623.1.0.105739
Kategorie:	CISCO
Titel:	Cisco Prime Collaboration Provisioning SQL Injection Vulnerability
Zusammenfassung:	A vulnerability in web framework of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated,; remote attacker to execute unauthorized SQL queries.
Beschreibung:	Summary: A vulnerability in web framework of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to execute unauthorized SQL queries. Vulnerability Insight: The vulnerability is due to a failure to validate user-supplied input used in SQL queries. Vulnerability Impact: An attacker could exploit this vulnerability by sending a crafted SQL statement to an affected system. Successful exploitation could allow the attacker to read, modify, or delete entries in some database tables. Affected Software/OS: Cisco Prime Collaboration Provisioning versions 10.6 and 11.0 are vulnerable. Solution: Update to 11.0.0.582 or later. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Querverweis:	BugTraq ID: 77050 Common Vulnerability Exposure (CVE) ID: CVE-2015-6329 Cisco Security Advisory: 20151008 Cisco Prime Collaboration Provisioning SQL Injection Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-pcp http://www.securitytracker.com/id/1033783
Copyright	This script is Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.