#VU67740 File and Directory Information Exposure in Cisco Systems, Inc Operating systems & Components
Vulnerability identifier: #VU67740
Vulnerability risk: Low
CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-538
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Catalyst 3600 Series Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Catalyst 3800 Series Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Catalyst 9200 Series Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Catalyst 9300 Series Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Catalyst 9400 Series Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Catalyst 9500 Series Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Catalyst 9600 Series Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco IOS XE ROM Monitor
Operating systems & Components /
Operating system
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists due to a problem with the file and boot variable permissions in the password-recovery disable feature. An attacker with physical access can gain unauthorized access to sensitive information on the system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Catalyst 3600 Series Switches: All versions
Catalyst 3800 Series Switches: All versions
Catalyst 9200 Series Switches: All versions
Catalyst 9300 Series Switches: All versions
Catalyst 9400 Series Switches: All versions
Catalyst 9500 Series Switches: All versions
Catalyst 9600 Series Switches: All versions
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-info-disc-nrORXjO
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
