Privilege escalation in Cisco Meraki

1) Privilege escalation

EUVDB-ID: #VU15772

Risk: Low

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-0284

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system.

The vulnerability exists in the local status page functionality due to an error when handling requests to the local status page. A remote unauthenticated attacker can establish an interactive session, gain elevated privileges to further compromise the device or obtain additional configuration data from the device that is being exploited.

Mitigation

Update Meraki MR to version 9.37, 24.13, 25.1.
Update Meraki MS to version 9.37, 10.20.
Update Meraki MX to version 14.25, 15.7.
Update Meraki Z1 to version 14.25, 15.7.
Update Meraki Z3 to version 14.25, 15.7.

Vulnerable software versions

Meraki Z3: before 14.25

Meraki Z1: before 14.25

Meraki MX: before 14.25

Meraki MS: before 9.37

Meraki MR: before 9.37

CPE2.3

• cpe:2.3:h:cisco_systems:meraki_z3:*:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:meraki_z1:*:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:meraki_mx:*:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:meraki_ms:*:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:meraki_mr:*:*:*:*:*:*:*:*

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-meraki

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.