Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name CVE-2018-15379 First vendor Publication 2018-10-05
Vendor Cve Last vendor Modification 2019-10-09

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score 9.8
Base Score 9.8 Environmental Score 9.8
impact SubScore 5.9 Temporal Score 9.8
Exploitabality Sub Score 3.9
 
Attack Vector Network Attack Complexity Low
Privileges Required None User Interaction None
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. This file could allow the attacker to execute commands at the privilege level of the user prime. This user does not have administrative or root privileges. The vulnerability is due to an incorrect permission setting for important system directories. An attacker could exploit this vulnerability by uploading a malicious file by using TFTP, which can be accessed via the web-interface GUI. A successful exploit could allow the attacker to run commands on the targeted application without authentication.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15379

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-732 Incorrect Permission Assignment for Critical Resource (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 10

SAINT Exploits

Description Link
Cisco Prime Infrastructure TFTP file upload vulnerability More info here

Snort® IPS/IDS

Date Description
2020-12-05 Cisco Prime Infrastructure arbitrary JSP file upload attempt
RuleID : 48015 - Revision : 1 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date Description
2018-10-16 Name : The remote Cisco Prime Infrastructure application running on the remote host ...
File : cisco_prime_infrastructure_tftp_upload_rce.nasl - Type : ACT_GATHER_INFO
2018-10-12 Name : The remote Cisco Prime Infrastructure application running on the remote host ...
File : cisco_prime_infrastructure_20181003-pi-tftp.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/105506
CISCO https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s...
EXPLOIT-DB https://www.exploit-db.com/exploits/45555/
SECTRACK http://www.securitytracker.com/id/1041816

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
Date Informations
2021-05-04 13:09:32
  • Multiple Updates
2021-04-22 02:23:06
  • Multiple Updates
2020-12-05 21:23:46
  • Multiple Updates
2020-05-23 13:17:10
  • Multiple Updates
2020-05-23 01:08:04
  • Multiple Updates
2019-10-10 05:20:25
  • Multiple Updates
2019-10-03 09:20:54
  • Multiple Updates
2019-01-10 17:19:02
  • Multiple Updates
2018-10-14 17:19:50
  • Multiple Updates
2018-10-12 21:19:42
  • Multiple Updates
2018-10-09 17:19:40
  • Multiple Updates
2018-10-07 17:19:24
  • Multiple Updates
2018-10-05 21:19:41
  • First insertion