#VU13211 Privilege escalation in Cisco Prime Collaboration Provisioning - CVE-2018-0319

Cybersecurity Help s.r.o.

Published: 2018-06-07

Vulnerability identifier: #VU13211

Vulnerability risk: Low

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-0319

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco Prime Collaboration Provisioning
Server applications / Other server solutions

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to gain elevated privileges on the target system.

The vulnerability exists in the password recovery function of Cisco Prime Collaboration Provisioning (PCP) due to insufficient validation of a password recovery request. A remote attacker can submit a specially crafted password recovery request, change the password for any user and gain administrative-level privileges on the affected system.

Mitigation
Update to version 12.1.

Vulnerable software versions

Cisco Prime Collaboration Provisioning: 11.6

External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-password-recovery

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Cisco Prime Collaboration Provisioning