Vulnerabilities > Cisco > Prime Collaboration > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-10-05 CVE-2018-15389 Use of Hard-coded Credentials vulnerability in Cisco Prime Collaboration 12.1
A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the administrative web interface using a default hard-coded username and password that are used during install.
network
low complexity
cisco CWE-798
critical
 9.8
9.8
2018-06-07 CVE-2018-0318 Improper Authentication vulnerability in Cisco products
A vulnerability in the password reset function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device.
network
low complexity
cisco CWE-287
critical
 9.8
9.8
2018-06-07 CVE-2018-0319 Improper Authentication vulnerability in Cisco products
A vulnerability in the password recovery function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device.
network
low complexity
cisco CWE-287
critical
 9.8
9.8
2018-06-07 CVE-2018-0320 SQL Injection vulnerability in Cisco products
A vulnerability in the web framework code of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries.
network
low complexity
cisco CWE-89
critical
 9.8
9.8
2018-06-07 CVE-2018-0321 Improper Authentication vulnerability in Cisco products
A vulnerability in Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the Java Remote Method Invocation (RMI) system.
network
low complexity
cisco CWE-287
critical
 9.8
9.8