Main Vulnerability Database Vulnerabilities #VU13222

#VU13222 Information disclosure (backdoor) in Cisco Wide Area Application Services - CVE-2018-0329

Published: June 7, 2018 / Updated: June 8, 2018

Vulnerability identifier: #VU13222

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2018-0329

CWE-ID: CWE-798

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Cisco Wide Area Application Services

Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information the target system.

The vulnerability exists in the default configuration of the Simple Network Management Protocol (SNMP) feature of Cisco Wide Area Application Services (WAAS) Software due to a hard-coded, read-only community string in the configuration file for the SNMP daemon. A remote attacker can use a backdoor account and the static community string in SNMP version 2c queries and read any data that is accessible via SNMP.

Note: The static credentials are defined in an internal configuration file and are not visible in the current operation configuration ('running-config') or the startup configuration ('startup-config').

Remediation

The vulnerability is addressed in the following versions: 6.4(3.46), 6.4(1b)15, 6.2(3e)31.

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-waas-snmp

#VU13222 Information disclosure (backdoor) in Cisco Wide Area Application Services - CVE-2018-0329

Description

Remediation

External links

Please verify you're human