Privilege escalation in Cisco Identity Services Engine

Published: 2017-11-02 10:11:36
Severity Low
Patch available YES
Number of vulnerabilities 1
CVSSv2 3.4 (AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
CVSSv3 6.7 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE ID CVE-2017-12261
CWE ID CWE-20
Exploitation vector Local
Public exploit Not available
Vulnerable software Cisco Identity Services Engine
Vulnerable software versions Cisco Identity Services Engine 2.2
Cisco Identity Services Engine 2.0.1
Cisco Identity Services Engine 2.1.0
Cisco Identity Services Engine 2.0.0
Cisco Identity Services Engine 1.4
Vendor URL Cisco Systems, Inc
Advisory type Public

Security Advisory

1) Privilege escalation

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists in the restricted shell of the Cisco Identity Services Engine (ISE) that is accessible via SSH due to incomplete input validation of the user input for CLI commands issued at the restricted shell. A local attacker can use valid user credentials and run arbitrary CLI commands with elevated privileges.

Remediation

Install update from vendor's website (1.4 patch 12, 2.0 patch 6, 2.1 patch 5, 2.2.0 patch 2).

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-ise

Back to List