Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistCiscoCVELIST:CVE-2018-0096
HistoryJan 18, 2018 - 6:00 a.m.

CVE-2018-0096

2018-01-1806:00:00
CWE-264
cisco
www.cve.org
6

AI Score

6

Confidence

High

EPSS

0.001

Percentile

44.2%

JSON

A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to perform a privilege escalation in which one virtual domain user can view and modify another virtual domain configuration. The vulnerability is due to a failure to properly enforce RBAC for virtual domains. An attacker could exploit this vulnerability by sending an authenticated, crafted HTTP request to a targeted application. An exploit could allow the attacker to bypass RBAC policies on the targeted system to modify a virtual domain and access resources that are not normally accessible. Cisco Bug IDs: CSCvg36875.

CNA Affected

[
  {
    "product": "Cisco Prime Infrastructure",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco Prime Infrastructure"
      }
    ]
  }
]

Related

cve 1
cisco 1
prion 1
nvd 1
cve
cve
CVE-2018-0096
2018-01-18 06:29:00
cisco
cisco
Cisco Prime Infrastructure Privilege Escalation Vulnerability
2018-01-17 16:00:00
prion
prion
Design/Logic Flaw
2018-01-18 06:29:00
nvd
nvd
CVE-2018-0096
2018-01-18 06:29:00

AI Score

6

Confidence

High

EPSS

0.001

Percentile

44.2%

JSON
Related for CVELIST:CVE-2018-0096
cve1cisco1prion1nvd1