Privilege escalation in Cisco Digital Network Architecture Center - CVE-2018-0268

 


Published: May 17, 2018


Vulnerability identifier: #VU12793
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2018-0268
CWE-ID: CWE-358
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Cisco Systems, Inc
Affected software: Cisco Digital Network Architecture Center

Detailed vulnerability description

The vulnerability allows a remote attacker to bypass authentication and gain elevated privileges on the target system.

The weakness exists due to an insecure default configuration of the Kubernetes container management subsystem within DNA Center. A remote attacker can access the Kubernetes service port and execute arbitrary commands with elevated privileges within provisioned containers.

Successful exploitation of the vulnerability may result in system compromise.


How to mitigate CVE-2018-0268

Update to version 1.1.4.
