#VU15772 Privilege escalation in Cisco Systems, Inc products - CVE-2018-0284


Updated: 2018-11-08

Vulnerability identifier: #VU15772

Vulnerability risk: Low

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-0284

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Meraki Z3 (Hardware solutions / Firmware)
Meraki Z1 (Hardware solutions / Firmware)
Meraki MX (Hardware solutions / Firmware)
Meraki MS (Hardware solutions / Firmware)
Meraki MR (Hardware solutions / Firmware)

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system.

The vulnerability exists in the local status page functionality due to an error in the handling of requests to that page. A remote authenticated attacker can establish an interactive session and gain elevated privileges to further compromise the device, or obtain additional configuration data from the affected device.

Mitigation
Update Meraki MR to version 9.37, 24.13, 25.1.
Update Meraki MS to version 9.37, 10.20.
Update Meraki MX to version 14.25, 15.7.
Update Meraki Z1 to version 14.25, 15.7.
Update Meraki Z3 to version 14.25, 15.7.

Vulnerable software versions

Meraki Z3: before 14.25

Meraki Z1: before 14.25

Meraki MX: before 14.25

Meraki MS: before 9.37

Meraki MR: before 9.37


External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-meraki


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
