ID
VAR-202003-1189
CVE
CVE-2020-3193
TITLE
Cisco Prime Collaboration Provisioning Vulnerability regarding information leakage in
Trust: 0.8
sources:
JVNDB: JVNDB-2020-002481
DESCRIPTION
A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to obtain sensitive information about an affected device. The vulnerability exists because replies from the web-based management interface include unnecessary server information. An attacker could exploit this vulnerability by inspecting replies received from the web-based management interface. A successful exploit could allow the attacker to obtain details about the operating system, including the web server version that is running on the device, which could be used to perform further attacks. The software provides IP communications services functionality for IP telephony, voice mail, and unified communications environments
Trust: 1.71
sources:
NVD: CVE-2020-3193 //
JVNDB: JVNDB-2020-002481 //
VULHUB: VHN-181318
AFFECTED PRODUCTS
| vendor: | cisco | model: | prime collaboration provisioning | scope: | lt | version: | 12.6 | Trust: 1.0 |
| vendor: | cisco | model: | prime collaboration provisioning | scope: | eq | version: | 12.6 | Trust: 1.0 |
| vendor: | cisco | model: | prime collaboration provisioning | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | prime collaboration provisioning | scope: | eq | version: | 11.2 | Trust: 0.6 |
| vendor: | cisco | model: | prime collaboration provisioning | scope: | eq | version: | 11.1.0 | Trust: 0.6 |
| vendor: | cisco | model: | prime collaboration provisioning | scope: | eq | version: | 10.6.2 | Trust: 0.6 |
| vendor: | cisco | model: | prime collaboration provisioning | scope: | eq | version: | 11.2_base | Trust: 0.6 |
| vendor: | cisco | model: | prime collaboration provisioning | scope: | eq | version: | 10.5 | Trust: 0.6 |
| vendor: | cisco | model: | prime collaboration provisioning | scope: | eq | version: | 11.1 | Trust: 0.6 |
| vendor: | cisco | model: | prime collaboration provisioning | scope: | eq | version: | 11.5 | Trust: 0.6 |
| vendor: | cisco | model: | prime collaboration provisioning | scope: | eq | version: | 11.0 | Trust: 0.6 |
| vendor: | cisco | model: | prime collaboration provisioning | scope: | eq | version: | 11.5.0 | Trust: 0.6 |
| vendor: | cisco | model: | prime collaboration provisioning | scope: | eq | version: | 11.0.0 | Trust: 0.6 |
sources:
JVNDB: JVNDB-2020-002481 //
CNNVD: CNNVD-202003-175 //
NVD: CVE-2020-3193
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
VULHUB: VHN-181318 //
JVNDB: JVNDB-2020-002481 //
CNNVD: CNNVD-202003-175 //
NVD: CVE-2020-3193 //
NVD: CVE-2020-3193
PROBLEMTYPE DATA
| problemtype: | CWE-200 | Trust: 1.9 |
sources:
VULHUB: VHN-181318 //
JVNDB: JVNDB-2020-002481 //
NVD: CVE-2020-3193
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202003-175
TYPE
information disclosure
Trust: 0.6
sources:
CNNVD: CNNVD-202003-175
CONFIGURATIONS
sources:
JVNDB: JVNDB-2020-002481
PATCH
| title: | cisco-sa-prim-collab-disclo-FAnX4DKB | url: | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-prim-collab-disclo-FAnX4DKB | Trust: 0.8 |
| title: | Cisco Prime Collaboration Provisioning Repair measures for information disclosure vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111110 | Trust: 0.6 |
sources:
JVNDB: JVNDB-2020-002481 //
CNNVD: CNNVD-202003-175
EXTERNAL IDS
| db: | NVD | id: | CVE-2020-3193 | Trust: 2.5 |
| db: | JVNDB | id: | JVNDB-2020-002481 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202003-175 | Trust: 0.7 |
| db: | NSFOCUS | id: | 46086 | Trust: 0.6 |
| db: | AUSCERT | id: | ESB-2020.0806 | Trust: 0.6 |
| db: | CNVD | id: | CNVD-2020-15571 | Trust: 0.1 |
| db: | VULHUB | id: | VHN-181318 | Trust: 0.1 |
sources:
VULHUB: VHN-181318 //
JVNDB: JVNDB-2020-002481 //
CNNVD: CNNVD-202003-175 //
NVD: CVE-2020-3193
REFERENCES
| url: | https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-prim-collab-disclo-fanx4dkb | Trust: 1.7 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2020-3193 | Trust: 1.4 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3193 | Trust: 0.8 |
| url: | https://www.auscert.org.au/bulletins/esb-2020.0806/ | Trust: 0.6 |
| url: | http://www.nsfocus.net/vulndb/46086 | Trust: 0.6 |
sources:
VULHUB: VHN-181318 //
JVNDB: JVNDB-2020-002481 //
CNNVD: CNNVD-202003-175 //
NVD: CVE-2020-3193
SOURCES
| db: | VULHUB | id: | VHN-181318 |
| db: | JVNDB | id: | JVNDB-2020-002481 |
| db: | CNNVD | id: | CNNVD-202003-175 |
| db: | NVD | id: | CVE-2020-3193 |
LAST UPDATE DATE
2024-11-23T22:48:03.375000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-181318 | date: | 2020-03-06T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-002481 | date: | 2020-03-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-202003-175 | date: | 2020-03-13T00:00:00 |
| db: | NVD | id: | CVE-2020-3193 | date: | 2024-11-21T05:30:31.247 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-181318 | date: | 2020-03-04T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-002481 | date: | 2020-03-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-202003-175 | date: | 2020-03-04T00:00:00 |
| db: | NVD | id: | CVE-2020-3193 | date: | 2020-03-04T19:15:13.727 |