Cisco UCS Director Code Injection (CSCur02877) (Shellshock)
critical Nessus Plugin ID 78770
Language:
Synopsis
The remote host is running a vulnerable version of Bash.Description
According to its self-reported version, the remote host is running a version of Cisco UCS Director that could be affected by a command injection vulnerability in GNU Bash known as Shellshock, which is due to the processing of trailing strings after function definitions in the values of environment variables. This allows a remote attacker to execute arbitrary code via environment variable manipulation depending on the configuration of the system.Authentication on the system is required before this vulnerability can be exploited.
Solution
Apply the patch or upgrade to the version recommended in Cisco bug ID CSCur02877See Also
https://tools.cisco.com/bugsearch/bug/CSCur02877
Plugin Details
Severity: Critical
ID: 78770
File Name: cisco_ucs_director_CSCur02877.nasl
Version: 1.15
Type: combined
Family: CISCO
Published: 10/31/2014
Updated: 1/31/2022
Configuration: Enable paranoid mode
Risk Information
VPR
Risk Factor: Critical
Score: 9.5
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.7
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Temporal Vector: E:H/RL:OF/RC:C
CVSS Score Source: CVE-2014-7187
Vulnerability Information
CPE: cpe:/a:cisco:ucs_director
Required KB Items: Host/Cisco/UCSDirector/version, Settings/ParanoidReport
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 10/2/2014
Vulnerability Publication Date: 9/24/2014
CISA Known Exploited Dates: 7/28/2022
Exploitable With
Core Impact
Metasploit (CUPS Filter Bash Environment Variable Code Injection (Shellshock))
Reference Information
CVE: CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7187