Detections
Analytics

Cisco Cloud Services Platform 2.x < 2.1.0 Multiple Vulnerabilities

high Nessus Plugin ID 94054

Language:

Synopsis

The remote network virtual services management device is affected by multiple vulnerabilities.

Description

According to its self-reported version number, the remote Cisco Cloud Services Platform (CSP) device is 2.x prior to 2.1.0. It is, therefore, affected by the following vulnerabilities :

 - A command injection vulnerability exists in the web-based GUI due to improper sanitization of user-supplied input. An authenticated, remote attacker can exploit this to execute arbitrary operating system commands with root privileges. (CVE-2016-6373)

 - A remote code execution vulnerability exists in the web-based GUI due to improper sanitization of user-supplied data from HTTP requests. An unauthenticated, remote attacker can exploit this, via a crafted dnslookup command in an HTTP request, to execute arbitrary code. (CVE-2016-6374)

Solution

Upgrade to Cisco Cloud Services Platform version 2.1.0 or later.

See Also

http://www.nessus.org/u?f34d1428

http://www.nessus.org/u?6eb17f5f

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCva00541

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuz89093

Plugin Details

Severity: High

ID: 94054

File Name: cisco-sa-20160921-csp2100.nasl

Version: 1.5

Type: local

Family: CISCO

Published: 10/13/2016

Updated: 7/6/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:cloud_services_platform_2100

Required KB Items: Host/Cisco/CloudServicesPlatform/version, Host/Cisco/CloudServicesPlatform/model

Exploit Ease: No known exploits are available

Patch Publication Date: 9/21/2016

Vulnerability Publication Date: 9/21/2016

Reference Information

CVE: CVE-2016-6373, CVE-2016-6374

BID: 93093, 93095