#VU15214 Command injection in Cisco Prime Infrastructure - CVE-2018-15379

 


Published: October 9, 2018


Vulnerability identifier: #VU15214
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A/U:Clear
CVE-ID: CVE-2018-15379
CWE-ID: CWE-77
Exploitation vector: Remote access
Exploit availability: Public exploit is available
Vulnerable software:
Cisco Prime Infrastructure
Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a remote unauthenticated attacker to execute arbitrary commands on the target system.

The weakness exists in the HTTP web server for Cisco Prime Infrastructure (PI) due to incorrect permission settings for important system directories. A remote attacker can use TFTP to upload a malicious file that is then accessible through the web-interface GUI, and run arbitrary commands at the privilege level of the user prime, without authentication.


Remediation

Install the update from the vendor's website.
