CVE-2018-0319 vulnerability in Cisco Products
Published on June 7, 2018
A vulnerability in the password recovery function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of a password recovery request. An attacker could exploit this vulnerability by submitting a password recovery request and changing the password for any user on an affected system. An exploit could allow the attacker to gain administrative-level privileges on the affected system. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 11.6 and prior. Cisco Bug IDs: CSCvd07253.
Weakness Type
Credentials Management Errors
Weaknesses in this category are related to the management of credentials.
Products Associated with CVE-2018-0319
stack.watch emails you whenever new vulnerabilities are published in Cisco Prime Collaboration or Cisco Prime Collaboration Provisioning. Just hit a watch button to start following.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.