Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Prime_license_manager
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 6 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-01-13 | CVE-2021-1226 | A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, Cisco Emergency Responder, and Cisco Prime License Manager could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. The vulnerability is due to the storage of certain unencrypted credentials. An... | Emergency_responder, Prime_license_manager, Unified_communications_manager, Unified_communications_manager_im_\&_presence_service, Unity_connection | 6.5 | ||
| 2021-04-08 | CVE-2021-1362 | A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, and Cisco Prime License Manager could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper sanitization of user-supplied input. An attacker could exploit this vulnerability by sending a... | Prime_license_manager, Unified_communications_manager, Unified_communications_manager_im_\&_presence_service, Unity_connection | 8.8 | ||
| 2020-07-16 | CVE-2020-3140 | A vulnerability in the web management interface of Cisco Prime License Manager (PLM) Software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of user input on the web management interface. An attacker could exploit this vulnerability by submitting a malicious request to an affected system. An exploit could allow the attacker to gain administrative-level privileges on the system. The... | Prime_license_manager | N/A | ||
| 2018-11-28 | CVE-2018-15441 | A vulnerability in the web framework code of Cisco Prime License Manager (PLM) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted HTTP POST requests that contain malicious SQL statements to an affected application. A successful exploit could allow the attacker to modify and delete arbitrary data in the... | Prime_license_manager | 9.8 | ||
| 2018-06-07 | CVE-2017-6779 | Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because a certain system log file does not have a maximum size restriction. Therefore, the file is allowed to consume the majority of available disk space on the appliance. An attacker could... | Emergency_responder, Finesse, Hosted_collaboration_mediation_fulfillment, Mediasense, Prime_collaboration_assurance, Prime_collaboration_provisioning, Prime_license_manager, Socialminer, Unified_communications_manager, Unified_contact_center_express, Unified_intelligence_center, Unity_connection, Virtualized_voice_browser | 7.5 | ||
| 2017-11-16 | CVE-2017-12337 | A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a refresh upgrade (RU) or Prime Collaboration Deployment (PCD) migration is performed on an affected device. When a refresh upgrade or PCD migration is completed successfully, an engineering flag remains enabled and could... | Emergency_responder, Finesse, Hosted_collaboration_solution, Mediasense, Prime_license_manager, Socialminer, Unified_communications_manager, Unified_communications_manager_im_and_presence_service, Unified_contact_center_express, Unified_intelligence_center, Unity_connection | 9.8 |