CVE-2017-6792

Name of the Vulnerable Software and Affected Versions Cisco Prime Collaboration Provisioning Tool (affected versions not specified)

Description A vulnerability in the batch provisioning feature could allow an authenticated, remote attacker to overwrite system files as root. This issue is due to a lack of input validation of the parameters in BatchFileName and Directory. An attacker could exploit this by manipulating the parameters of the batch action file function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.