CVE-2018-15379: Cisco Prime Infrastructure Arbitrary File Upload and Command Execution Vulnerability
First published: Fri Oct 05 2018(Updated: )
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. This file could allow the attacker to execute commands at the privilege level of the user prime. This user does not have administrative or root privileges. The vulnerability is due to an incorrect permission setting for important system directories. An attacker could exploit this vulnerability by uploading a malicious file by using TFTP, which can be accessed via the web-interface GUI. A successful exploit could allow the attacker to run commands on the targeted application without authentication.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Prime Infrastructure | =3.2 | |
| Cisco Prime Infrastructure | =3.2-fips | |
| Cisco Prime Infrastructure | =3.2\(0.0\) | |
| Cisco Prime Infrastructure | =3.2\(1.0\) | |
| Cisco Prime Infrastructure | =3.2\(2.0\) | |
| Cisco Prime Infrastructure | =3.3 | |
| Cisco Prime Infrastructure | =3.3\(0.0\) | |
| Cisco Prime Infrastructure | =3.4 | |
| Cisco Prime Infrastructure | =3.4\(0.0\) | |
| Cisco Prime Infrastructure | =3.5\(0.0\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-15379?
CVE-2018-15379 is a vulnerability in the HTTP web server for Cisco Prime Infrastructure (PI) that allows an unauthenticated attacker to upload an arbitrary file and execute commands with the privilege level of the user prime.
What is the severity of CVE-2018-15379?
The severity of CVE-2018-15379 is critical with a CVSS score of 9.8.
How does CVE-2018-15379 impact Cisco Prime Infrastructure?
CVE-2018-15379 allows an unauthenticated attacker to upload files and execute commands on Cisco Prime Infrastructure.
Is there a fix for CVE-2018-15379?
Yes, Cisco has released security updates to address the vulnerability. Users should update to the latest version of Cisco Prime Infrastructure.
Where can I find more information about CVE-2018-15379?
You can find more information about CVE-2018-15379 on the following websites: SecurityFocus, SecurityTracker, and the official Cisco Security Advisory.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/last-modified-date
- agent/author
- agent/tags
- agent/event
- agent/first-publish-date
- agent/description
- vendor/cisco
- canonical/cisco prime infrastructure
- version/cisco prime infrastructure/3.2
- version/cisco prime infrastructure/3.2-fips
- version/cisco prime infrastructure/3.2\(0.0\)
- version/cisco prime infrastructure/3.2\(1.0\)
- version/cisco prime infrastructure/3.2\(2.0\)
- version/cisco prime infrastructure/3.3
- version/cisco prime infrastructure/3.3\(0.0\)
- version/cisco prime infrastructure/3.4
- version/cisco prime infrastructure/3.4\(0.0\)
- version/cisco prime infrastructure/3.5\(0.0\)