A vulnerability in the web framework of Cisco Prime Collaboration Provisioning could allow an
authenticated, remote attacker to access higher-privileged functions.

An exploit could
allow the attacker to access functions, some of which should be accessible only to users who have administrative privileges. This includes creating an administrative user.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-pcp

Leave a Reply