11.0

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-07	CVE-2018-0322	Missing Authorization vulnerability in Cisco products A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to modify sensitive data that is associated with arbitrary accounts on an affected device. network low complexity cisco CWE-862	8.8
2018-06-07	CVE-2018-0321	Improper Authentication vulnerability in Cisco products A vulnerability in Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the Java Remote Method Invocation (RMI) system. network low complexity cisco CWE-287 critical	9.8
2018-06-07	CVE-2018-0320	SQL Injection vulnerability in Cisco products A vulnerability in the web framework code of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. network low complexity cisco CWE-89 critical	9.8
2018-06-07	CVE-2018-0319	Improper Authentication vulnerability in Cisco products A vulnerability in the password recovery function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. network low complexity cisco CWE-287 critical	9.8
2018-06-07	CVE-2018-0318	Improper Authentication vulnerability in Cisco products A vulnerability in the password reset function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. network low complexity cisco CWE-287 critical	9.8
2018-06-07	CVE-2018-0317	Missing Authorization vulnerability in Cisco products A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to escalate their privileges. network low complexity cisco CWE-862	8.8