Vulnerabilities > Cisco > Prime Collaboration > 11.0.0

DATE CVE VULNERABILITY TITLE RISK
2018-06-07 CVE-2018-0322 Missing Authorization vulnerability in Cisco products
A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to modify sensitive data that is associated with arbitrary accounts on an affected device.
network
low complexity
cisco CWE-862
8.8
2018-06-07 CVE-2018-0321 Improper Authentication vulnerability in Cisco products
A vulnerability in Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the Java Remote Method Invocation (RMI) system.
network
low complexity
cisco CWE-287
critical
9.8
2018-06-07 CVE-2018-0320 SQL Injection vulnerability in Cisco products
A vulnerability in the web framework code of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries.
network
low complexity
cisco CWE-89
critical
9.8
2018-06-07 CVE-2018-0319 Improper Authentication vulnerability in Cisco products
A vulnerability in the password recovery function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device.
network
low complexity
cisco CWE-287
critical
9.8
2018-06-07 CVE-2018-0318 Improper Authentication vulnerability in Cisco products
A vulnerability in the password reset function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device.
network
low complexity
cisco CWE-287
critical
9.8
2018-06-07 CVE-2018-0317 Missing Authorization vulnerability in Cisco products
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to escalate their privileges.
network
low complexity
cisco CWE-862
8.8
2016-02-12 CVE-2016-1320 OS Command Injection vulnerability in Cisco Prime Collaboration 11.0.0/9.0.0/9.0.5
The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users to execute arbitrary OS commands as root by leveraging administrator privileges, aka Bug ID CSCux69286.
local
low complexity
cisco CWE-78
6.7