Cisco warns of serious CLI command injection vulnerability in its Integrated Management Controller

A serious security vulnerability exists in Cisco Integrated Management Controller (IMC) that an attacker can use to elevate privileges to root.

The company has issued a warning about the vulnerability and acknowledged the availability of proof-of-concept exploit code for it. The high-severity warning is accompanied by the release of patches, as well as a note that there is no workaround other than a software update.

The vulnerability has a CVSS score of 8.8, and Cisco says of it: "A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have read-only or higher privileges on an affected device".

The company continues:

This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

There is a fairly lengthy list of affected products:

  • 5000 Series Enterprise Network Compute Systems (ENCS)
  • Catalyst 8300 Series Edge uCPE
  • UCS C-Series Rack Servers in standalone mode
  • UCS E-Series Servers
  • 5520 and 8540 Wireless Controllers
  • Application Policy Infrastructure Controller (APIC) Servers
  • Business Edition 6000 and 7000 Appliances
  • Catalyst Center Appliances, formerly DNA Center (DNAC)
  • Cloud Services Platform (CSP) 5000 Series
  • Common Services Platform Collector (CSPC) Appliances
  • Connected Mobile Experiences (CMX) Appliances
  • Connected Safety and Security UCS Platform Series Servers
  • Cyber Vision Center Appliances
  • Expressway Series Appliances
  • HyperFlex Edge Nodes
  • HyperFlex Nodes in HyperFlex Datacenter without Fabric Interconnect (DC-NO-FI) deployment mode
  • IEC6400 Edge Compute Appliances
  • IOS XRv 9000 Appliances
  • Meeting Server 1000 Appliances
  • Nexus Dashboard Appliances
  • Prime Infrastructure Appliances
  • Prime Network Registrar Jumpstart Appliances
  • Secure Email Gateways
  • Secure Email and Web Manager
  • Secure Endpoint Private Cloud Appliances
  • Secure Firewall Management Center Appliances, formerly Firepower Management Center
  • Secure Malware Analytics Appliances
  • Secure Network Analytics Appliances
  • Secure Network Server Appliances
  • Secure Web Appliances
  • Secure Workload Servers
  • Telemetry Broker Appliances

More information about the vulnerability, as well as details of how to obtain the update, can be found here.

Image credit: Mohamed Ahmed Soliman / Dreamstime.com

© 1998-2024 BetaNews, Inc. All Rights Reserved.