Home / Early Warning / Vulnerabilidades / CVE-2018-15450

CVE-2018-15450

Type: 
Path Traversal
Severity: 
Medium
Publication date: 
11/08/2018
Last modified: 
09/16/2020
Description
A vulnerability in the web-based UI of Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to overwrite files on the file system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a specific UI input field to provide a custom path location. A successful exploit could allow the attacker to overwrite files on the file system.
Impact
Access Vector: Through network
Access Complexity: Low
Authentication: Requires a single instance to exploit
Impact Type: Partially affects on system integrity + No impact on system confidentiality + Partially affects on system availability
Vulnerable software and versions
  • cpe:2.3:a:cisco:prime_collaboration:12.1:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
References to Advisories, Solutions, and Tools
Explanation of fields