What is CVE-2018-0317?

CVE-2018-0317 is a vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) that allows an authenticated, remote attacker to escalate their privileges.

What is the severity of CVE-2018-0317?

CVE-2018-0317 is classified as a high severity vulnerability with a severity value of 8.8.

How does the vulnerability in CVE-2018-0317 occur?

The vulnerability in CVE-2018-0317 occurs due to insufficient web portal access control checks.

How can an attacker exploit CVE-2018-0317?

An attacker can exploit CVE-2018-0317 by modifying an account profile.

Are there any references available for CVE-2018-0317?

Yes, you can find references for CVE-2018-0317 at the following links: [SecurityFocus](http://www.securityfocus.com/bid/104432), [SecurityTracker](http://www.securitytracker.com/id/1041080), [Cisco Security Advisory](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-bypass)

Vulnerability/
CVE-2018-0317

high

8.8

CWE

862 264

7/6/2018

5/8/2024

CVE-2018-0317

First published: Thu Jun 07 2018(Updated: )

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to escalate their privileges. The vulnerability is due to insufficient web portal access control checks. An attacker could exploit this vulnerability by modifying an access request. An exploit could allow the attacker to promote their account to any role defined on the system. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 12.2 and prior. Cisco Bug IDs: CSCvc90286.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Prime Collaboration	<=12.1
Cisco Prime Collaboration Provisioning	<=12.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2018-0317?
CVE-2018-0317 is a vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) that allows an authenticated, remote attacker to escalate their privileges.
What is the severity of CVE-2018-0317?
CVE-2018-0317 is classified as a high severity vulnerability with a severity value of 8.8.
How does the vulnerability in CVE-2018-0317 occur?
The vulnerability in CVE-2018-0317 occurs due to insufficient web portal access control checks.
How can an attacker exploit CVE-2018-0317?
An attacker can exploit CVE-2018-0317 by modifying an account profile.
Are there any references available for CVE-2018-0317?
Yes, you can find references for CVE-2018-0317 at the following links: [SecurityFocus](http://www.securityfocus.com/bid/104432), [SecurityTracker](http://www.securitytracker.com/id/1041080), [Cisco Security Advisory](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-bypass)

collector/nvd-index
agent/references
agent/severity
agent/author
agent/type
agent/weakness
agent/tags
agent/event
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
vendor/cisco
canonical/cisco prime collaboration
version/cisco prime collaboration/12.1
canonical/cisco prime collaboration provisioning
version/cisco prime collaboration provisioning/12.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.