CVE-2018-0321

Name of the Vulnerable Software and Affected Versions Cisco Prime Collaboration Provisioning versions 11.6 and prior

Description A vulnerability in Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access the Java Remote Method Invocation (RMI) system due to an open port in the Network Interface and Configuration Engine (NICE) service. An attacker could exploit this vulnerability by accessing the open RMI system, allowing them to perform malicious actions that affect the system and connected devices.

Recommendations For versions 11.6 and prior, update to a version later than 11.6 to resolve the issue. As a temporary workaround, consider restricting access to the open RMI system in the NICE service to minimize the risk of exploitation.