Skip Ribbon Commands
Skip to main content
Computer Security Incident Response Team of Mauritius (CERT-MU)

VN-2017-20


Vulnerability in Cisco Prime Home
Severity Rating: High
System Affected:  
·         Cisco Prime Home 6.3
·         Cisco Prime Home 6.4
  • Cisco Prime Home 6.5
 
Description:
A vulnerability was identified in the web-based GUI of Cisco Prime Home which could allow an unauthenticated, remote attacker to bypass authentication and perform unauthorized actions.
 
The vulnerability exists due to a processing error in the role-based access control (RBAC) of URLs.This vulnerability allows an attacker to send API commands via HTTP to a particular URL without prior authentication.
Source:
Solution
Users are advised to apply updates.
More information is available on:
Cisco Security Advisory
 
 
Vendor Information
Cisco
 
CVE Information
 
References
Security Focus
 
Cisco Security Advisory
 
 
Contact Information
 
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis