Cisco Prime Collaboration Deployment
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Cisco Prime Collaboration Deployment.
Recent Cisco Prime Collaboration Deployment Security Advisories
| Advisory | Title | Published |
|---|---|---|
| 2023-04-26 | Cisco Prime Collaboration Deployment Cross-Site Scripting Vulnerability | April 26, 2023 |
By the Year
In 2026 there have been 0 vulnerabilities in Cisco Prime Collaboration Deployment. Last year, in 2025 Prime Collaboration Deployment had 1 security vulnerability published. Right now, Prime Collaboration Deployment is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 5.10 |
| 2024 | 1 | 6.10 |
| 2023 | 1 | 7.50 |
It may take a day or so for new Prime Collaboration Deployment vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Cisco Prime Collaboration Deployment Security Vulnerabilities
Priv Escalation in Cisco Unified Comm via Local Auth on ESXi
CVE-2025-20112
5.1 - Medium
- May 21, 2025
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to excessive permissions that have been assigned to system commands. An attacker could exploit this vulnerability by executing crafted commands on the underlying operating system. A successful exploit could allow the attacker to escape the restricted shell and gain root privileges on the underlying operating system of an affected device. To successfully exploit this vulnerability, an attacker would need administrative access to the ESXi hypervisor.
Privilege Chaining
Cisco Prime Collaboration Deployment XSS via Web UI
CVE-2023-20060
6.1 - Medium
- November 15, 2024
A vulnerability in the web-based management interface of Cisco Prime Collaboration Deployment could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco plans to release software updates that address this vulnerability. There are no workarounds that address this vulnerability.
XSS
Cisco Unified Communications API Improper Auth Causing High CPU DoS
CVE-2023-20259
7.5 - High
- October 04, 2023
A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attacker to cause high CPU utilization, which could impact access to the web-based management interface and cause delays with call processing. This API is not used for device management and is unlikely to be used in normal operations of the device. This vulnerability is due to improper API authentication and incomplete validation of the API request. An attacker could exploit this vulnerability by sending a crafted HTTP request to a specific API on the device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to high CPU utilization, which could negatively impact user traffic and management access. When the attack stops, the device will recover without manual intervention.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Cisco Prime Collaboration Deployment or by Cisco? Click the Watch button to subscribe.
