Multiple vulnerabilities in Cisco Policy Suite
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2018-0392 CVE-2018-0393 CVE-2018-0376 CVE-2018-0377 CVE-2018-0374 CVE-2018-0375 |
| CWE-ID | CWE-200 CWE-285 CWE-306 CWE-798 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Policy Suite Client/Desktop applications / File managers, FTP clients |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU13943
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0392
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists due to insufficient access control permissions. A local attacker can log in to the CLI and access potentially sensitive files that are owned by a different user.
MitigationUpdate to version 18.0.0.
Policy Suite: 14.0.0
External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper authorization
EUVDB-ID: #VU13944
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0393
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to make policy changes in the Policy Builder interface.
The vulnerability exists in the Policy Builder interface of Cisco Policy Suite due to insufficient authorization controls. A remote attacker can access the Policy Builder interface, modify an HTTP request and make changes to existing policies.
MitigationUpdate to version 18.0.2.
Policy Suite: 18.0.0
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Authentication bypass
EUVDB-ID: #VU13945
Risk: Low
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0376
CWE-ID:
CWE-306 - Missing Authentication for Critical Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication on the target system.
The vulnerability exists in the Policy Builder interface of Cisco Policy Suite due to lack of authentication. A remote attacker can bypass authentication, access the Policy Builder interface and make changes to existing repositories and create new repositories.
MitigationUpdate to version 18.0.2.
Policy Suite: 18.0.0
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Authentication bypass
EUVDB-ID: #VU13946
Risk: Low
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0377
CWE-ID:
CWE-306 - Missing Authentication for Critical Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication on the target system.
The vulnerability exists in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite due to lack of authentication. A remote attacker can bypass authentication, directly connect to the OSGi interface to access or change any files that are accessible by the OSGi process.
MitigationUpdate to version 18.1.0.
Policy Suite: 14.0.0
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Authentication bypass
EUVDB-ID: #VU13947
Risk: Low
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0374
CWE-ID:
CWE-306 - Missing Authentication for Critical Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication on the target system.
The vulnerability exists in the Policy Builder database of Cisco Policy Suite due to lack of authentication. A remote attacker can bypass authentication, directly connect to the to the Policy Builder database to access and change any data in the Policy Builder database.
MitigationUpdate to version 18.1.0.
Policy Suite: 14.0.0
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Use of hard-coded credentials
EUVDB-ID: #VU13948
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0375
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists in the Cluster Manager of Cisco Policy Suite due to the presence of undocumented, static user credentials for the root account. A remote attacker can use the account to log in to the system execute arbitrary commands with root privileges.
Update to version 18.1.0, 18.2.0.
Policy Suite: 14.0.0
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
