Critical severity9.8NVD Advisory· Published Jun 7, 2018· Updated Jun 17, 2026
CVE-2018-0320
CVE-2018-0320
Description
A vulnerability in the web framework code of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation on user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious SQL statements to the affected application. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 12.1 and prior. Cisco Bug IDs: CSCvd61754.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=12.1
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/104416nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1041084nvdThird Party AdvisoryVDB Entry
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-sqlnvdVendor Advisory
News mentions
0No linked articles in our index yet.