SB2018022217 - Privilege escalation in Cisco Elastic Services Controller
Published: February 22, 2018 Updated: February 26, 2018
Security Bulletin ID
SB2018022217
Severity
Low
Patch available
YES
Number of vulnerabilities
2
Exploitation vector
Remote access
Highest impact
Code execution
Description
This security bulletin contains information about 2 security vulnerabilities.
1) Privilege escalation (CVE-ID: CVE-2018-0130)
The vulnerability allows a remote attacker to gain elevated privileges on the target system. The weakness exists in the use of JSON web tokens by the web-based service portal of Cisco Elastic Services Controller Software due to the presence of static default credentials for the web-based service portal. A remote attacker can extract the credentials from an image, use those credentials to generate a valid administrative session token for the web-based service portal, and gain administrative access to the web-based service portal.
2) Privilege escalation (CVE-ID: CVE-2018-0121)
The vulnerability allows a remote attacker to gain elevated privileges on the target system. The weakness exists in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software due to improper security restrictions imposed by the web-based service portal. A remote attacker can submit an empty password value to an affected portal when prompted to enter an administrative password, bypass authentication, and gain administrator privileges for the web-based service portal.
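Added example, not from the bulletin and not Cisco ESC code: a constructed Python sketch of the two weakness classes described above, each shown as a vulnerable form beside a hardened one. The user store, password, salt, secret values, and the hand-rolled HS256 JWT helpers are all assumptions made for illustration; the empty-password short-circuit is a hypothetical shape that produces the behaviour the second entry describes, not a claim about how the real portal was written.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Constructed credential store (illustration only).
_SALT = b"constructed-static-salt"


def _hash_password(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 50_000)


USERS = {"admin": _hash_password("correct horse battery staple")}


def login_vulnerable(user: str, password: str) -> bool:
    """Hypothetical bug shape for the CVE-2018-0121 class: an empty password
    value is treated as 'nothing to check' and the caller is let through."""
    stored = USERS.get(user)
    if stored is None:
        return False
    if password == "":  # defect: empty input short-circuits authentication
        return True
    return hmac.compare_digest(_hash_password(password), stored)


def login_fixed(user: str, password: str) -> bool:
    """Hardened form: empty or missing input is rejected up front, and the
    only path to True is a constant-time match against the stored hash."""
    if not password:
        return False
    stored = USERS.get(user)
    if stored is None:
        return False
    return hmac.compare_digest(_hash_password(password), stored)


# --- JSON web tokens (minimal HS256, hand-rolled so the example runs offline) ---

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(claims: dict, secret: bytes) -> str:
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    body = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(secret, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"


def verify_token(token: str, secret: bytes):
    """Return the claims if the HS256 signature verifies under `secret`, else None.
    The header's alg is pinned so a token cannot downgrade the check."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    header, body, sig = parts
    try:
        if json.loads(_b64url_decode(header)).get("alg") != "HS256":
            return None
        expected = hmac.new(secret, f"{header}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(_b64url(expected), sig):
            return None
        return json.loads(_b64url_decode(body))
    except ValueError:  # bad base64 or bad JSON
        return None


# CVE-2018-0130 class of weakness: one signing secret baked into every shipped
# image, so anyone who has extracted it can mint tokens the portal trusts.
STATIC_DEFAULT_SECRET = b"constructed-secret-shipped-in-image"


def new_install_secret() -> bytes:
    """Hardened form: a random signing secret generated per deployment."""
    return secrets.token_bytes(32)


if __name__ == "__main__":
    print("vulnerable login, empty password:", login_vulnerable("admin", ""))
    print("fixed login, empty password:", login_fixed("admin", ""))
    minted = issue_token({"sub": "admin", "role": "admin"}, STATIC_DEFAULT_SECRET)
    print("token under shipped default secret accepted:", verify_token(minted, STATIC_DEFAULT_SECRET))
    print("same token under per-install secret accepted:", verify_token(minted, new_install_secret()))
```

The two hardened paths share one property: nothing the client controls (an empty field, a token signed with a key everyone has) can substitute for a check against a per-deployment value. Rotating from a shipped default to an install-time secret invalidates every token minted under the old key, which is the expected side effect of fixing this class of issue.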
Remediation
Install the update from the vendor's website.