A vulnerability in the web framework of Cisco Prime Collaboration
Assurance could allow an authenticated, remote attacker to access
information about any device imported into the system database.

The
vulnerability is due to improper implementation of authorization and
access controls. An attacker could exploit this vulnerability by sending
crafted URLs to the system. The attacker would need to be logged in to
the system to exploit this vulnerability.

An exploit could
allow the attacker to access information about devices imported into the
system database, including devices for other customers or domains.
The information that an attacker could retrieve includes SNMP
community strings and devices’ administrative credentials. This would allow the attacker to gain administrative access to these devices.

Cisco has confirmed the vulnerability in a security advisory and released software updates.

To exploit this vulnerability, an attacker must authenticate to the targeted device. This access requirement may reduce the likelihood of a successful exploit.

Although a successful exploit of this vulnerability could result in a partial confidentiality impact of an affected system, the secondary impact of this vulnerability could allow an attacker to gain administrative access to any device imported into the targeted system’s database.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Leave a Reply