CVE-2018-0096

Name of the Vulnerable Software and Affected Versions: Cisco Prime Infrastructure (affected versions not specified)

Description: A vulnerability in the role-based access control (RBAC) functionality could allow an authenticated, remote attacker to perform a privilege escalation. This is due to a failure to properly enforce RBAC for virtual domains. An attacker could exploit this by sending an authenticated, crafted HTTP request to a targeted application, potentially bypassing RBAC policies to modify a virtual domain and access normally inaccessible resources.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.