cisco-sa-caf-3dXM8exv: Cisco IOx Application Framework Arbitrary File Creation Vulnerability
First published: Wed Jun 03 2020(Updated: )
A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient input validation of user-supplied application packages. An attacker who can upload a malicious package within Cisco IOx could exploit the vulnerability to modify arbitrary files. The impacts of a successful exploit are limited to the scope of the virtual instance and do not affect the device that is hosting Cisco IOx. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-caf-3dXM8exv
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco platform | =IR510 WPAN Industrial Routers<IR510 Operating System Release 6.1.27=IOS XE devices:<Cisco IOS XE Software Release 17.2(1)>=IC3000 Industrial Compute Gateway<=IE 4000 Series Switches<Cisco IOS Software Release 15.2.(7a)E0b=CGR1000 Compute Module<IOx image for CGR1000 Release 1.10.0.6=800 Series ISRs<Not fixed; IOx has reached end of life on the Cisco 800 Series ISRs.=800 Series Industrial ISRs<Cisco IOS Software Release 15.9(3)M | IR510 Operating System Release 6.1.27 Cisco IOS XE Software Release 17.2(1) Cisco IOS Software Release 15.2.(7a)E0b IOx image for CGR1000 Release 1.10.0.6 Not fixed; IOx has reached end of life on the Cisco 800 Series ISRs. Cisco IOS Software Release 15.9(3)M |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is Cisco SA CAF 3dXM8exv vulnerability?
Cisco SA CAF 3dXM8exv is an arbitrary file creation vulnerability in the Cisco IOx application environment that allows an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device.
What is the severity of Cisco SA CAF 3dXM8exv vulnerability?
The severity of Cisco SA CAF 3dXM8exv vulnerability is high, with a severity value of 8.1.
How does Cisco SA CAF 3dXM8exv vulnerability occur?
Cisco SA CAF 3dXM8exv vulnerability occurs due to insufficient input validation in the Cisco Application Framework component of the Cisco IOx application environment.
Which software versions are affected by Cisco SA CAF 3dXM8exv vulnerability?
The affected software versions include IR510 Operating System Release 6.1.27, Cisco IOS XE Software Release 17.2(1), Cisco IOS Software Release 15.2.(7a)E0b, IOx image for CGR1000 Release 1.10.0.6, and Cisco IOS Software Release 15.9(3)M.
How can I fix Cisco SA CAF 3dXM8exv vulnerability?
To fix Cisco SA CAF 3dXM8exv vulnerability, apply the recommended software updates provided by Cisco or follow the mitigation steps mentioned in the Cisco security advisory.
- agent/references
- agent/title
- agent/weakness
- agent/severity
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/cisco-advisory
- source/Cisco
- agent/software-canonical-lookup
- vendor/cisco
- canonical/cisco platform
- version/cisco platform/ir510 wpan industrial routers
- version/cisco platform/ios xe devices:
- version/cisco platform/ic3000 industrial compute gateway
- version/cisco platform/ie 4000 series switches
- version/cisco platform/cgr1000 compute module
- version/cisco platform/800 series isrs
- version/cisco platform/800 series industrial isrs