CVE-2018-15379

Cisco Prime Infrastructure Arbitrary File Upload and Command Execution Vulnerability

Severity Score

9.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. This file could allow the attacker to execute commands at the privilege level of the user prime. This user does not have administrative or root privileges. The vulnerability is due to an incorrect permission setting for important system directories. An attacker could exploit this vulnerability by uploading a malicious file by using TFTP, which can be accessed via the web-interface GUI. A successful exploit could allow the attacker to run commands on the targeted application without authentication.

Una vulnerabilidad por la cual el servidor web HTTP para Cisco Prime Infrastructure (PI) tiene permisos sin restricción en directorios podría permitir que un atacante remoto no autenticado suba un archivo arbitrario. Este archivo podría permitir que el atacante ejecute comandos al nivel de privilegios del usuario prime. Este usuario no tiene privilegios root o administrativos. La vulnerabilidad se debe a una configuración de permisos incorrecta para directorios importantes del sistema. Un atacante podría explotar esta vulnerabilidad subiendo un archivo malicioso mediante TFTP, al cual se puede acceder mediante la interfaz web gráfica. Su explotación con éxito podría permitir que el atacante ejecute comandos en la aplicación objetivo sin autenticación.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-08-17 CVE Reserved
2018-10-05 CVE Published
2024-09-12 EPSS Updated
2024-09-16 CVE Updated
2024-09-16 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-275: Permission Issues
CWE-732: Incorrect Permission Assignment for Critical Resource

CAPEC

References (4)

URL	Tag	Source
http://www.securityfocus.com/bid/105506	Third Party Advisory
http://www.securitytracker.com/id/1041816	Third Party Advisory

URL	Date	SRC
https://www.exploit-db.com/exploits/45555	2024-09-16

URL	Date	SRC

URL	Date	SRC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-pi-tftp	2019-10-09

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"		Prime Infrastructure Search vendor "Cisco" for product "Prime Infrastructure"				3.2 Search vendor "Cisco" for product "Prime Infrastructure" and version "3.2"		-		Affected
Cisco Search vendor "Cisco"		Prime Infrastructure Search vendor "Cisco" for product "Prime Infrastructure"				3.2 Search vendor "Cisco" for product "Prime Infrastructure" and version "3.2"		fips		Affected
Cisco Search vendor "Cisco"		Prime Infrastructure Search vendor "Cisco" for product "Prime Infrastructure"				3.2\(0.0\) Search vendor "Cisco" for product "Prime Infrastructure" and version "3.2\(0.0\)"		-		Affected
Cisco Search vendor "Cisco"		Prime Infrastructure Search vendor "Cisco" for product "Prime Infrastructure"				3.2\(1.0\) Search vendor "Cisco" for product "Prime Infrastructure" and version "3.2\(1.0\)"		-		Affected
Cisco Search vendor "Cisco"		Prime Infrastructure Search vendor "Cisco" for product "Prime Infrastructure"				3.2\(2.0\) Search vendor "Cisco" for product "Prime Infrastructure" and version "3.2\(2.0\)"		-		Affected
Cisco Search vendor "Cisco"		Prime Infrastructure Search vendor "Cisco" for product "Prime Infrastructure"				3.3 Search vendor "Cisco" for product "Prime Infrastructure" and version "3.3"		-		Affected
Cisco Search vendor "Cisco"		Prime Infrastructure Search vendor "Cisco" for product "Prime Infrastructure"				3.3\(0.0\) Search vendor "Cisco" for product "Prime Infrastructure" and version "3.3\(0.0\)"		-		Affected
Cisco Search vendor "Cisco"		Prime Infrastructure Search vendor "Cisco" for product "Prime Infrastructure"				3.4 Search vendor "Cisco" for product "Prime Infrastructure" and version "3.4"		-		Affected
Cisco Search vendor "Cisco"		Prime Infrastructure Search vendor "Cisco" for product "Prime Infrastructure"				3.4\(0.0\) Search vendor "Cisco" for product "Prime Infrastructure" and version "3.4\(0.0\)"		-		Affected
Cisco Search vendor "Cisco"		Prime Infrastructure Search vendor "Cisco" for product "Prime Infrastructure"				3.5\(0.0\) Search vendor "Cisco" for product "Prime Infrastructure" and version "3.5\(0.0\)"		-		Affected