#VU13221 Privilege escalation in Cisco Wide Area Application Services
Vulnerability identifier: #VU13221
Vulnerability risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-119
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Cisco Wide Area Application Services
Server applications /
Other server solutions
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a local high-privileged ttacker to gain elevated privileges the target system.
The vulnerability exists n the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software due to insufficient validation of script files executed in the context of the Disk Check Tool. A local attacker with super user privileges (level 15) can replace one script file with a malicious script file while the affected tool is running, gain root-level privileges and take full control of the device.
Mitigation
Update to versions 6.4(3.66), 6.4(1c)12, 6.4(1b)9, 6.2(3e)40.
Vulnerable software versions
Cisco Wide Area Application Services: 6.2.3
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-waas-priv-es...
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
