#VU53746 Improper Authorization in Cisco Virtualized Packet Core and Cisco StarOS
Vulnerability identifier: #VU53746
Vulnerability risk: Medium
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-285
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Cisco Virtualized Packet Core
Client/Desktop applications /
Virtualization software
Cisco StarOS
Operating systems & Components /
Operating system
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote user to gain unauthorized access to the system.
The vulnerability exists in the authorization process of Cisco ASR 5000 Series Software (StarOS) due to incorrect authorization of non-interactive CLI commands. A remote authenticate user can bypass TACACS authorization by sending a crafted Secure Shell (SSH) request to an affected device and execute a certain CLI commands.
Successful exploitation of the vulnerability may result in unauthorized access to sensitive information or denial of service condition.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Cisco Virtualized Packet Core: All versions
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCvu85001
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
