CVE-2018-0317

Name of the Vulnerable Software and Affected Versions: Cisco Prime Collaboration Provisioning (PCP) versions prior to 12.2

Description: A vulnerability in the web interface could allow an authenticated, remote attacker to escalate their privileges due to insufficient web portal access control checks. An attacker could exploit this by modifying an access request, potentially promoting their account to any role defined on the system.

Recommendations: For versions prior to 12.2, update to a version later than 12.2 to resolve the issue. As a temporary workaround, consider restricting access to the web interface to minimize the risk of exploitation.