Patch/Configuration Management, Vulnerability Management

Cisco patches password-related vulnerability

Cisco has issued an update that patches a vulnerability, rated high, in the password change function of Cisco Prime Collaboration Provisioning.

The issue, CVE-2018-0391, is due to insufficient validation of a password change request that would allow an attacker to exploit the vulnerability by changing a specific administrator account password that could lead to the affected device becoming inoperable, resulting in a denial of service condition, the company said.

This vulnerability affects Cisco Prime Collaboration Provisioning version 12.2 and prior and there are no workarounds for the issue.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.