SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Cisco Prime Collaboration Vendors:   Cisco
Cisco Prime Collaboration Provisioning Open NICE Port Lets Remote Users Access the Target System
SecurityTracker Alert ID:  1041085
SecurityTracker URL:  http://securitytracker.com/id/1041085
CVE Reference:   CVE-2018-0321   (Links to External Site)
Date:  Jun 12 2018
Impact:   User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): PCP 11.6 and before
Description:   A vulnerability was reported in Cisco Prime Collaboration Provisioning. A remote user can gain access to the target system.

A remote user can connect to an open port in the Network Interface and Configuration Engine (NICE) service to gain access to the Java Remote Method Invocation (RMI) system and take actions on the target system and the managed devices.

The vendor has assigned bug ID CSCvd61746 to this vulnerability.

Impact:   A remote user can take actions on the target system and the managed devices.
Solution:   The vendor has issued a fix.

The vendor advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-rmi

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-rmi (Links to External Site)
Cause:   Access control error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC