Cisco Content Security Management Appliance Network Configuration Flaw Lets Local Users Obtain Root Privileges - SecurityTracker

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Category: Device (Embedded Server/Appliance) > Cisco Content Security Management Appliance

Cisco Content Security Management Appliance Network Configuration Flaw Lets Local Users Obtain Root Privileges

SecurityTracker Alert ID: 1040221

SecurityTracker URL: http://securitytracker.com/id/1040221

CVE Reference: CVE-2018-0095 (Links to External Site)

Date: Jan 17 2018

Impact: Root access via local system

Fix Available: Yes Vendor Confirmed: Yes

Description: A vulnerability was reported in Cisco Content Security Management Appliance. A local user can obtain root privileges on the target system.

A local user with guest user privileges can supply specially crafted commands via the administrative shell command line interface to exploit a network configuration flaw and gain root privileges.

The vendor has assigned bug ID CSCvb35726 to this vulnerability.

Impact: A local user can obtain root privileges on the target system.

Solution: The vendor has issued a fix.

The vendor advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-esasma

Vendor URL: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-esasma (Links to External Site)

Cause: Configuration error

Message History: None.

Source Message Contents

Subject: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-esasma

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
This web site uses cookies for web analytics. Learn More
Copyright 2019, SecurityGlobal.net LLC