Vulnetix
Try Vulnetix Request Demo
CVE-2018-0317 PUBLISHED CVSS 8.800000190734863 HIGH

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to escalate their privileges. The vulnerability is due to insufficient web portal access control checks. An attacker could exploit this vulnerability by modifying an access request. An exploit could allow the attacker to promote their account to any role defined on the system. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 12.2 and prior. Cisco Bug IDs: CSCvc90286.

EPSS 1.15% · 78.4th percentile

Risk Scores

CVSS v3.0
8.800000190734863
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
1.15%
78.4th percentile

Affected Products

VendorProductVersions
n/aCisco Prime Collaboration Provisioning unknownCisco Prime Collaboration Provisioning unknown
ciscoprime_collaboration_provisioning0
ciscoprime_collaboration0

Timeline

References

Open in Interactive Console →