Cisco Prime Infrastructure TFTP Arbitrary File Upload and Command Execution Vulnerability (cisco-sa-20181003-pi-tftp)

High Nessus Plugin ID 118088

Synopsis

The remote Cisco Prime Infrastructure application running on the remote host is affected by multiple vulnerabilities.

Description

The Cisco Prime Infrastructure application running on the remote host is affected by an arbitrary file upload flaw, which could lead to a remote code execution vulnerability. This is due to incorrect permissions for various system folders, which a file could be uploaded to via TFTP. The commands in that file could then executes the prime or root privilege level.

Solution

Upgrade to Cisco Prime Infrastructure version 3.3.1 Update 02, 3.4.1, or later.

See Also

http://www.nessus.org/u?35ef295a

Plugin Details

Severity: High

ID: 118088

File Name: cisco_prime_infrastructure_20181003-pi-tftp.nasl

Version: 1.3

Type: remote

Family: CISCO

Published: 2018/10/12

Modified: 2018/11/13

Dependencies: 90591

Risk Information

Risk Factor: High

CVSS Score Source: CVE-2018-15379

CVSS v2.0

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3.0

Base Score: 7.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Vulnerability Information

CPE: cpe:/a:cisco:prime_infrastructure

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2018/10/03

Vulnerability Publication Date: 2018/10/03

Exploitable With

Metasploit (Cisco Prime Infrastructure Unauthenticated Remote Code Execution)

Reference Information

CVE: CVE-2018-15379

CISCO-SA: cisco-sa-20181003-pi-tftp

CISCO-BUG-ID: CSCvk24890