Command injection in Cisco Secure Access Control

#VU10897 Command injection in Cisco Secure Access Control

Published: 2018-03-09 | Updated: 2022-03-25

Vulnerability identifier: #VU10897

Vulnerability risk: Low

CVSSv3.1: 9.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2018-0147

CWE-ID: CWE-77

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco Secure Access Control
Server applications / Directory software, identity management

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to execute arbitrary commands on the target system.

The weakness exists in Java deserialization due to insecure deserialization of user-supplied content. A remote attacker can send a specially crafted serialized Java object and execute arbitrary commands on the device with root privileges.

Mitigation
Update to version 5.8 patch 9.

Vulnerable software versions

Cisco Secure Access Control: 5.2.0.3

External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs2

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Cisco Secure Access Control