Privilege escalation in Cisco Web Security Appliance - CVE-2018-0428
Published: August 15, 2018 / Updated: August 16, 2018
Vulnerability identifier: #VU14427
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-0428
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco Web Security Appliance
Cisco Web Security Appliance
Detailed vulnerability description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The vulnerability exists in the account management subsystem of Cisco Web Security Appliance (WSA) due to improper implementation of access controls. A local attacker can authenticate to the device, escape the CLI subshell and execute system-level commands on the underlying operating system as root.
How to mitigate CVE-2018-0428
The vulnerability has been fixed in the versions 10.1.3-054, 10.5.2-072.