CVE-2018-0392

A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions (i.e., World-Readable). An attacker could exploit this vulnerability by logging in to the CLI. An exploit could allow the attacker to access potentially sensitive files that are owned by a different user. Cisco Bug IDs: CSCvh18087.

CVSS v3 5.5 MEDIUM
CVSS v2.0 2.1 LOW

5.5^/10

CVSS v3 : MEDIUM

Vector : AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.securityfocus.com/bid/104866	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-suite-data	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:h:cisco:mobility_services_engine_3365:-:*:*:*:*:*:*:*

cpe:2.3:o:cisco:mobility_services_engine_3365_firmware:14.0.0:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:h:cisco:mobility_services_engine_3355:-:*:*:*:*:*:*:*

cpe:2.3:o:cisco:mobility_services_engine_3355_firmware:14.0.0:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:h:cisco:mobility_services_engine_3310:-:*:*:*:*:*:*:*

cpe:2.3:o:cisco:mobility_services_engine_3310_firmware:14.0.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-07-18 23:29

Updated : 2019-10-09 23:31

NVD link : CVE-2018-0392

Mitre link : CVE-2018-0392

CVE.ORG link : CVE-2018-0392

JSON object : View

Products Affected

cisco

mobility_services_engine_3355
mobility_services_engine_3310_firmware
mobility_services_engine_3365_firmware
mobility_services_engine_3355_firmware
mobility_services_engine_3310
mobility_services_engine_3365

CWE

CWE-732

Incorrect Permission Assignment for Critical Resource

CWE-275

Permission Issues

{"id": "CVE-2018-0392", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2018-07-18T23:29:01.150", "references": [{"url": "http://www.securityfocus.com/bid/104866", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-suite-data", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-732"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-275"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions (i.e., World-Readable). An attacker could exploit this vulnerability by logging in to the CLI. An exploit could allow the attacker to access potentially sensitive files that are owned by a different user. Cisco Bug IDs: CSCvh18087."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de l\u00ednea de comandos de Cisco Policy Suite podr\u00eda permitir que un atacante local autenticado acceda a archivos propiedad de otro usuario. La vulnerabilidad se debe a permisos de control de acceso insuficientes (p.ej., de lectura global). Un atacante podr\u00eda explotar esta vulnerabilidad iniciando sesi\u00f3n en la interfaz de l\u00ednea de comandos. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante acceda a archivos propiedad de otro usuario. Cisco Bug IDs: CSCvh18087."}], "lastModified": "2019-10-09T23:31:57.630", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:mobility_services_engine_3365:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "58C04A11-DE52-4BD5-B0E8-629837F8F934"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:mobility_services_engine_3365_firmware:14.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F918A9C-3D92-4A2C-9375-8B0EB80BB150"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:mobility_services_engine_3355:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0CE73E74-7EF8-46C3-B467-798A3B7B186D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:mobility_services_engine_3355_firmware:14.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CF23C6F-9AA5-4A55-B19C-0826F0B0F372"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:mobility_services_engine_3310:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "26E716CE-0D6F-477D-AC26-647626C8C62D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:mobility_services_engine_3310_firmware:14.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F48822A-FA65-49A0-ABFD-365CC3A3546D"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}