Multiple vulnerabilities in Cisco Policy Suite



Published: 2019-01-10
Risk: Low
Patch available: YES
Number of vulnerabilities: 2
CVE-ID: CVE-2018-15466, CVE-2018-0181
CWE-ID: CWE-200, CWE-287
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Policy Suite (Client/Desktop applications / File managers, FTP clients)
Vendor: Cisco Systems, Inc

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU16901

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15466

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists in the Graphite web interface of the Policy and Charging Rules Function (PCRF) due to a lack of authentication. A remote attacker with access to the internal VLAN where CPS is deployed can connect directly to the Graphite web interface and access various statistics and Key Performance Indicators (KPIs) regarding the Cisco Policy Suite environment.

Mitigation

Update to version 18.5.0.

Vulnerable software versions

Policy Suite: 12.0.0

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cps-graphite...


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper authentication

EUVDB-ID: #VU16902

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-0181

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication.

The vulnerability exists in the Redis implementation due to improper authentication when accessing the Redis server. A remote attacker can modify key-value pairs stored within the Redis server database and reduce the efficiency of the software.

Mitigation

Update to version 18.3.0.

Vulnerable software versions

Policy Suite: 13.0.0

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cps-redis


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


