#VU11345 Command injection in Cisco IOS XE - CVE-2018-0183
Published: March 29, 2018
Vulnerability identifier: #VU11345
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-0183
CWE-ID: CWE-77
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Cisco IOS XE
Cisco IOS XE
Software vendor:
Cisco Systems, Inc
Cisco Systems, Inc
Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists in the CLI parser of Cisco IOS XE Software due to the affected software improperly sanitizing command arguments to prevent access to internal data structures on a device. A local attacker with privileged EXEC mode (privilege level 15) access can execute CLI commands that contain crafted arguments, gain access to the underlying Linux shell and execute arbitrary commands with root privileges.
The weakness exists in the CLI parser of Cisco IOS XE Software due to the affected software improperly sanitizing command arguments to prevent access to internal data structures on a device. A local attacker with privileged EXEC mode (privilege level 15) access can execute CLI commands that contain crafted arguments, gain access to the underlying Linux shell and execute arbitrary commands with root privileges.
Remediation
Update to version 16.8(0.130), 16.7(1.42), 16.6(2.37), 16.5(1.230), 16.3(5.38), 15.6(2)S, 15.6(1)S2, 15.5(3)S3a, 15.5(3)S3.