CVE-2018-15389 vulnerability in Cisco Products
Published on October 5, 2018
Cisco Prime Collaboration Provisioning Intermittent Hard-Coded Password Vulnerability
A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the administrative web interface using a default hard-coded username and password that are used during install. The vulnerability is due to a hard-coded password that, in some cases, is not replaced with a unique password. A successful exploit could allow the attacker to access the administrative web interface with administrator-level privileges.
Weakness Type
Credentials Management Errors
Weaknesses in this category are related to the management of credentials.
Products Associated with CVE-2018-15389
stack.watch emails you whenever new vulnerabilities are published in Cisco Prime Collaboration or Cisco Prime Collaboration Provisioning. Just hit a watch button to start following.
Affected Versions
Cisco Prime Collaboration Provisioning Version n/a is affected by CVE-2018-15389Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.