CVE-2019-1662

CVE Database · CVE-2019-1662

CVE-2019-1662

· N/AModified

CVSS v3.1

N/A

EPSS

1.78%

Published

Feb 21, 2019

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in the Quality of Voice Reporting (QOVR) service of Cisco Prime Collaboration Assurance (PCA) Software could allow an unauthenticated, remote attacker to access the system as a valid user. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by connecting to the QOVR service with a valid username. A successful exploit could allow the attacker to perform actions with the privileges of the user that is used for access. This vulnerability affects Cisco PCA Software Releases prior to 12.1 SP2.

Weaknesses (CWE)

CWE-287CWE-287

Affected Products (3)

cisco · prime_collaboration_assurance (up to 12.1)vulnerable

cisco · prime_collaboration_assurancevulnerable

References (4)

http://www.securityfocus.com/bid/107096

Third Party Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-pca-access

Vendor Advisory

http://www.securityfocus.com/bid/107096

Third Party Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-pca-access

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs