Unrated severityNVD Advisory· Published Jun 7, 2018· Updated Nov 29, 2024

CVE-2018-0336

Description

A vulnerability in the batch provisioning feature of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to escalate privileges to the Administrator level. The vulnerability is due to insufficient authorization enforcement on batch processing. An attacker could exploit this vulnerability by uploading a batch file and having the batch file processed by the system. A successful exploit could allow the attacker to escalate privileges to the Administrator level. Cisco Bug IDs: CSCvd86578.

Affected products

Chatwoot/Cisco Prime Collaboration Provisioning Unknownv5
Range: Cisco Prime Collaboration Provisioning unknown

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/104429mitrevdb-entryx_refsource_BID
www.securitytracker.com/id/1041083mitrevdb-entryx_refsource_SECTRACK
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-escalationmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000