1 week ago

Hard-Coded Password in Cisco Software Lets Attackers Take Over Linux Servers


A medium yet critical vulnerability has been discovered in Cisco Prime Collaboration Provisioning software that will could allow a local attacker to elevate privileges to root in addition to also take full control of a system.

Cisco Prime Collaboration Provisioning (PCP) application allows administrators to remotely control the installation in addition to also management of Cisco communication devices (integrated IP telephony, video, voicemail) deployed inside the company in addition to also services for its subscribers.

The vulnerability (CVE-2018-0141) will be due to a hard-coded password for Secure Shell (SSH), which could be exploited by a local attacker to connect to the PCP’s Linux operating system in addition to also gain low-level privileges.

Cisco PCP Hard-Coded Password Flaw

According to an advisory released by Cisco, with low-level privileges, an attacker could then elevate its privileges to root in addition to also take full control of the affected devices.

Although This kind of vulnerability has been given a Common Vulnerability Scoring System (CVSS) base score of 5.9 out of 10, Cisco has rated This kind of bug as critical, as there are “extenuating circumstances” that will could allow attackers to elevate their privileges to root.

The company itself detected This kind of bug during “internal security testing,” in addition to also said that will This kind of only affects PCP type 11.6, released in November 2016.

Along with various other security patches for its various other products, Cisco has patched This kind of vulnerability with the Discharge of Cisco PCP software type 12.1.

Cisco Secure ACS Remote Code Execution Flaw

Besides Cisco PCP flaw, the company has also patched a critical Java deserialization vulnerability affecting its Secure Access Control System (ACS), a product that will offers authentication, accounting, in addition to also authorization services to network devices.

Cisco Secure ACS flaw (CVE-2018-0147) could allow an unauthenticated attacker to remotely execute malicious code on vulnerable devices with root privileges without requiring any credential, the company said in its advisory.

This kind of vulnerability has been given a Common Vulnerability Scoring System (CVSS) base score of 9.8 out of 10, rated as critical, as This kind of allows attackers to execute arbitrary commands on the affected device with “root” privileges.

This kind of flaw affects all versions of Cisco Secure ACS before Discharge 5.8 patch 9. However, systems running Cisco Secure ACS type 5.8 Patch 7 or Patch 8 require authentication in order to exploit This kind of vulnerability, which has been given a CVSS base score of 8.8.

This kind of vulnerability has been fixed in Cisco Secure ACS Cumulative Patch.

The company will be strongly encouraging users to update their software to the latest versions as soon as possible, as there are no workarounds to patch these vulnerabilities.

Article Categories:
Security Hacks

Leave a Comment

Your email address will not be published. Required fields are marked *

ten − 7 =