Risk | Low |
Patch available | YES |
Number of vulnerabilities | 8 |
CVE-ID | CVE-2018-0320 CVE-2018-0336 CVE-2018-0322 CVE-2018-0321 CVE-2018-0318 CVE-2018-0319 CVE-2018-0317 CVE-2018-0335 |
CWE-ID | CWE-89 CWE-264 CWE-200 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | Cisco Prime Collaboration Provisioning (Server applications / Other server solutions) |
Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
EUVDB-ID: #VU13206
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0320
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary SQL commands in the web application database.
The vulnerability exists in the web framework code of Cisco Prime Collaboration Provisioning (PCP) due to insufficient validation of user-supplied input in SQL queries. A remote attacker can send a specially crafted HTTP request to the vulnerable script and execute arbitrary SQL commands in the web application database.
Successful exploitation of the vulnerability may allow an attacker to gain administrative access to the vulnerable web application.
Mitigation: Install update from vendor's website.
Vulnerable software versions: Cisco Prime Collaboration Provisioning: 12.1
External links: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-sql
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU13207
Risk: Low
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0336
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description: The vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system.
The vulnerability exists in the batch provisioning feature of Cisco Prime Collaboration Provisioning due to insufficient authorization enforcement on batch processing. A remote attacker can upload a batch file, have the batch file processed by the system and escalate their privileges to the Administrator level.
Mitigation: Install update from vendor's website.
Vulnerable software versions: Cisco Prime Collaboration Provisioning: 12.1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU13208
Risk: Low
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0322
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description: The vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system.
The vulnerability exists in the web management interface of Cisco Prime Collaboration Provisioning (PCP) due to a failure to enforce access restrictions on the Help Desk and User Provisioning roles that are assigned to authenticated users. A remote attacker can modify critical attributes of higher-privileged accounts on the device and gain elevated privileges on the device.
Mitigation: Update to version 12.2.
Vulnerable software versions: Cisco Prime Collaboration Provisioning: 12.1
External links: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-access
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU13209
Risk: Low
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0321
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description: The vulnerability allows a remote attacker to bypass security restrictions and access the Java Remote Method Invocation (RMI) system.
The vulnerability exists in Cisco Prime Collaboration Provisioning (PCP) due to an open port in the Network Interface and Configuration Engine (NICE) service. A remote attacker can access the open RMI system on an affected PCP instance and perform malicious actions that affect PCP and the devices that are connected to it.
Mitigation: Update to version 12.1.
Vulnerable software versions: Cisco Prime Collaboration Provisioning: 11.6
External links: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-access
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU13210
Risk: Low
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0318
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description: The vulnerability allows a remote attacker to gain elevated privileges on the target system.
The vulnerability exists in the password reset function of Cisco Prime Collaboration Provisioning (PCP) due to insufficient validation of a password reset request. A remote attacker can submit a specially crafted password reset request, change the password for any user and gain administrative-level privileges on the affected system.
Mitigation: Update to version 12.1.
Vulnerable software versions: Cisco Prime Collaboration Provisioning: 11.6
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU13211
Risk: Low
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0319
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description: The vulnerability allows a remote attacker to gain elevated privileges on the target system.
The vulnerability exists in the password recovery function of Cisco Prime Collaboration Provisioning (PCP) due to insufficient validation of a password recovery request. A remote attacker can submit a specially crafted password recovery request, change the password for any user and gain administrative-level privileges on the affected system.
Mitigation: Update to version 12.1.
Vulnerable software versions: Cisco Prime Collaboration Provisioning: 11.6
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU13212
Risk: Low
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0317
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description: The vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system.
The vulnerability exists in the web interface of Cisco Prime Collaboration Provisioning (PCP) due to insufficient web portal access control checks. A remote attacker can modify an access request, promote their account to any role defined on the system and gain elevated privileges.
Mitigation: Update to version 12.3.
Vulnerable software versions: Cisco Prime Collaboration Provisioning: 12.2
External links: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-bypass
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU13213
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0335
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
Description: The vulnerability allows a local unauthenticated attacker to obtain potentially sensitive information on the target system.
The vulnerability exists in the web portal authentication process of Cisco Prime Collaboration Provisioning due to improper logging of authentication data. A local attacker can monitor a specific file for this authentication data and gain authentication information for other users.
Mitigation: Install update from vendor's website.
Vulnerable software versions: Cisco Prime Collaboration Provisioning: 12.2
External links: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-cpcp-id
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.