Cisco Prime Infrastructure TFTP Arbitrary File Upload and Command Execution Vulnerability (cisco-sa-20181003-pi-tftp)

critical Nessus Plugin ID 118145

Synopsis

The remote Cisco Prime Infrastructure application running on the remote host is affected by multiple vulnerabilities.

Description

The Cisco Prime Infrastructure application running on the remote host is affected by an arbitrary file upload flaw, which could lead to a remote code execution vulnerability. This is due to incorrect permissions for various system folders, which a file could be uploaded to via TFTP. The commands in that file could then executes at the privilege level of the user prime or root.

Solution

Upgrade to Cisco Prime Infrastructure version 3.3.1 Update 02, 3.4.1, or later.

See Also

http://www.nessus.org/u?35ef295a

Plugin Details

Severity: Critical

ID: 118145

File Name: cisco_prime_infrastructure_tftp_upload_rce.nasl

Version: 1.6

Type: remote

Family: CISCO

Published: 10/16/2018

Updated: 11/1/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2018-15379

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:prime_infrastructure

Required KB Items: installed_sw/Prime Infrastructure, Services/udp/tftp

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/3/2018

Vulnerability Publication Date: 10/3/2018

Exploitable With

Metasploit (Cisco Prime Infrastructure Unauthenticated Remote Code Execution)

Reference Information

CVE: CVE-2018-15379

CISCO-SA: cisco-sa-20181003-pi-tftp

CISCO-BUG-ID: CSCvk24890