A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information.
The vulnerability is due to the logging of sensitive details of specific user actions. An attacker could exploit this vulnerability by accessing specific system log files.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp4 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp4”]
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | prime_collaboration_provisioning | any | cpe:2.3:a:cisco:prime_collaboration_provisioning:any:*:*:*:*:*:*:* |