cisco-sa-20190109-cps-graphite-access: Cisco Policy Suite Graphite Unauthenticated Read-Only Access Vulnerability
First published: Wed Jan 09 2019(Updated: )
A vulnerability in the Graphite web interface of the Policy and Charging Rules Function (PCRF) of Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access the Graphite web interface. The attacker would need to have access to the internal VLAN where CPS is deployed. The vulnerability is due to lack of authentication. An attacker could exploit this vulnerability by directly connecting to the Graphite web interface. An exploit could allow the attacker to access various statistics and Key Performance Indicators (KPIs) regarding the Cisco Policy Suite environment. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cps-graphite-access
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Policy Suite Software |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-20190109-cps-graphite-access?
The severity of cisco-sa-20190109-cps-graphite-access is considered high due to the potential for unauthorized access to sensitive data.
How do I fix cisco-sa-20190109-cps-graphite-access?
To fix cisco-sa-20190109-cps-graphite-access, ensure that proper access controls are implemented to restrict unauthorized access to the Graphite web interface.
Who is affected by cisco-sa-20190109-cps-graphite-access?
Organizations using Cisco Policy Suite with the Graphite web interface are affected by cisco-sa-20190109-cps-graphite-access.
What type of attackers can exploit cisco-sa-20190109-cps-graphite-access?
An unauthenticated, remote attacker with access to the internal VLAN can exploit cisco-sa-20190109-cps-graphite-access.
What could an attacker gain by exploiting cisco-sa-20190109-cps-graphite-access?
An attacker exploiting cisco-sa-20190109-cps-graphite-access could gain unauthorized access to the Graphite web interface, potentially allowing them to view or manipulate sensitive data.
- agent/type
- agent/event
- agent/last-modified-date
- agent/first-publish-date
- collector/cisco-advisory
- source/Cisco
- agent/references
- agent/severity
- agent/title
- agent/weakness
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco policy suite software