Detections
Analytics

Cisco Web Security Appliance Privilege Escalation (cisco-sa-scr-web-priv-esc-k3HCGJZ)

high Nessus Plugin ID 151661

Language:

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

According to its self-reported version, Cisco Web Security Appliance is affected by a privilege escalation vulnerability. A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied XML input for the web interface. An attacker could exploit this vulnerability by uploading crafted XML configuration files that contain scripting code to a vulnerable device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. An attacker would need a valid user account with the rights to upload configuration files to exploit this vulnerability.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvv81569

See Also

http://www.nessus.org/u?4eb0fcf3

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv81569

Plugin Details

Severity: High

ID: 151661

File Name: cisco-sa-scr-web-priv-esc-k3HCGJZ.nasl

Version: 1.8

Type: combined

Family: CISCO

Published: 7/15/2021

Updated: 9/21/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2021-1359

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/h:cisco:web_security_appliance, cpe:/a:cisco:web_security_appliance, cpe:/o:cisco:web_security_appliance, cpe:/o:cisco:asyncos

Required KB Items: Host/AsyncOS/Cisco Web Security Appliance/DisplayVersion, Host/AsyncOS/Cisco Web Security Appliance/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 7/7/2021

Vulnerability Publication Date: 7/7/2021

Reference Information

CVE: CVE-2021-1359

CWE: 112

CISCO-SA: cisco-sa-scr-web-priv-esc-k3HCGJZ

IAVA: 2021-A-0305-S

CISCO-BUG-ID: CSCvv81569