CVE-2018-0391
Severity
6.5MEDIUM
EPSS
0.4%
top 36.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 1
Latest updateMay 13
Description
A vulnerability in the password change function of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to cause the system to become inoperable. The vulnerability is due to insufficient validation of a password change request. An attacker could exploit this vulnerability by changing a specific administrator account password. A successful exploit could allow the attacker to cause the affected device to become inoperable, resulting in a denial of service (DoS) cond…
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6
Affected Packages3 packages
▶CVEListV5cisco_prime_collaboration_provisioning_unknownCisco Prime Collaboration Provisioning unknown
🔴Vulnerability Details
2GHSA▶
GHSA-j78h-xf75-9x37: A vulnerability in the password change function of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to cause the s↗2022-05-13
CVEList▶
CVE-2018-0391: A vulnerability in the password change function of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to cause the s↗2018-08-01
📋Vendor Advisories
1Cisco▶
Cisco Prime Collaboration Provisioning Unauthorized Password Change Denial of Service Vulnerability↗2018-08-01