Vulnerability in Cisco Prime Home
Severity Rating: High
System Affected:
· Cisco Prime Home 6.3
· Cisco Prime Home 6.4
Description:
A vulnerability was identified in the web-based GUI of Cisco Prime Home which could allow an unauthenticated, remote attacker to bypass authentication and perform unauthorized actions.
The vulnerability exists due to a processing error in the role-based access control (RBAC) of URLs.This vulnerability allows an attacker to send API commands via HTTP to a particular URL without prior authentication.
Source:
Solution
Users are advised to apply updates.
More information is available on:
Cisco Security Advisory
Vendor Information
Cisco
CVE Information
References
Security Focus
Cisco Security Advisory
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis