PT-2017-1542 · Cisco · Cisco Prime Infrastructure

Published

2017-03-17

Updated

2019-10-03

CVE-2017-3869

CVSS v2.0

5.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Cisco Prime Infrastructure versions 3.1(1)

Description The issue is related to errors in managing registration data in the Credentials Management interface of Cisco Prime Infrastructure. This could allow a remote attacker with valid credentials to access beyond their privileges. The attacker must have valid mandates to exploit this issue.

Recommendations For version 3.1(1), update to a version that includes the fix for this issue, as indicated by reference CSCuy36192.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

BDU:2017-00687

CVE-2017-3869

Affected Products

Cisco Prime Infrastructure

PT-2017-1542 · Cisco · Cisco Prime Infrastructure

CVE-2017-3869

Weakness Enumeration

Related Identifiers

Affected Products

References · 6