Cisco says its server management tool has a serious security flaw


Cisco has reported discovering a zero-day flaw in one among its merchandise, which might end in menace actors operating malicious code remotely, or stealing delicate knowledge from goal endpoints (opens in new tab).

The vulnerability was present in a product known as Prime Collaboration Deployment (PCD), a device utilized by IT groups emigrate, or improve their servers. The flaw is now tracked as CVE-2023-20060, and is deemed of “Medium” severity with a 6.1 rating. It’s described as a cross-site scripting vulnerability that may be abused to launch arbitrary code.