#VU13426 Privilege escalation in Cisco NX-OS - CVE-2018-0293

Cybersecurity Help s.r.o.

Published: 2018-06-22

Vulnerability identifier: #VU13426

Vulnerability risk: Low

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-0293

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco NX-OS
Operating systems & Components / Operating system

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system.

The vulnerability exists in role-based access control (RBAC)due to incorrect RBAC privilege assignment for certain CLI commands. A remote attacker can authenticate to a device as a nonadministrative user, executing specific commands from the CLI, gain elevated privileges and run arbitrary commands to modify the configuration or boot image on the device.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Cisco NX-OS: All versions

External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Cisco NX-OS