Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2018-15379 | First vendor Publication | 2018-10-05 |
Vendor | Cve | Last vendor Modification | 2019-10-09 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | |||
---|---|---|---|
Overall CVSS Score | 9.8 | ||
Base Score | 9.8 | Environmental Score | 9.8 |
impact SubScore | 5.9 | Temporal Score | 9.8 |
Exploitabality Sub Score | 3.9 | ||
Attack Vector | Network | Attack Complexity | Low |
Privileges Required | None | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | High | Availability Impact | High |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. This file could allow the attacker to execute commands at the privilege level of the user prime. This user does not have administrative or root privileges. The vulnerability is due to an incorrect permission setting for important system directories. An attacker could exploit this vulnerability by uploading a malicious file by using TFTP, which can be accessed via the web-interface GUI. A successful exploit could allow the attacker to run commands on the targeted application without authentication. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15379 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-732 | Incorrect Permission Assignment for Critical Resource (CWE/SANS Top 25) |
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Cisco Prime Infrastructure TFTP file upload vulnerability | More info here |
Snort® IPS/IDS
Date | Description |
---|---|
2020-12-05 | Cisco Prime Infrastructure arbitrary JSP file upload attempt RuleID : 48015 - Revision : 1 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2018-10-16 | Name : The remote Cisco Prime Infrastructure application running on the remote host ... File : cisco_prime_infrastructure_tftp_upload_rce.nasl - Type : ACT_GATHER_INFO |
2018-10-12 | Name : The remote Cisco Prime Infrastructure application running on the remote host ... File : cisco_prime_infrastructure_20181003-pi-tftp.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 13:09:32 |
|
2021-04-22 02:23:06 |
|
2020-12-05 21:23:46 |
|
2020-05-23 13:17:10 |
|
2020-05-23 01:08:04 |
|
2019-10-10 05:20:25 |
|
2019-10-03 09:20:54 |
|
2019-01-10 17:19:02 |
|
2018-10-14 17:19:50 |
|
2018-10-12 21:19:42 |
|
2018-10-09 17:19:40 |
|
2018-10-07 17:19:24 |
|
2018-10-05 21:19:41 |
|