cisco-sa-20180328-xepriv: Cisco IOS XE Software Web UI Remote Access Privilege Escalation Vulnerability
First published: Wed Mar 28 2018(Updated: )
This advisory is part of the March 28, 2018, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 20 Cisco Security Advisories that describe 22 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: March 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS XE |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of Cisco-SA-20180328-XEPRIV?
The severity of Cisco-SA-20180328-XEPRIV varies based on the specific vulnerabilities, but many are rated as high.
How do I fix Cisco-SA-20180328-XEPRIV?
To fix Cisco-SA-20180328-XEPRIV, upgrade to the recommended fixed software version as specified in the advisory.
What software is affected by Cisco-SA-20180328-XEPRIV?
Cisco-SA-20180328-XEPRIV affects Cisco IOS and IOS XE Software.
Are there any workarounds for Cisco-SA-20180328-XEPRIV?
Temporary workarounds may be available, but specific measures will depend on the affected vulnerability.
Is there a risk of exploitation for Cisco-SA-20180328-XEPRIV?
Yes, vulnerabilities listed in Cisco-SA-20180328-XEPRIV may be exploited by attackers if not addressed.
- agent/type
- agent/event
- collector/cisco-advisory
- source/Cisco
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/severity
- agent/title
- agent/first-publish-date
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco ios xe