CVE-2019-1662

Name of the Vulnerable Software and Affected Versions Cisco Prime Collaboration Assurance (PCA) Software versions prior to 12.1 SP2

Description The issue is related to insufficient authentication controls in the Quality of Voice Reporting (QOVR) service, allowing an unauthenticated, remote attacker to access the system as a valid user. An attacker could exploit this by connecting to the QOVR service with a valid username, potentially performing actions with the privileges of the accessed user.

Recommendations For versions prior to 12.1 SP2, update to version 12.1 SP2 or later to resolve the issue. As a temporary workaround, consider restricting access to the QOVR service to minimize the risk of exploitation.