Cisco Identity Services Engine Software up to 3.3.0 API path traversal

Summaryinfo

A vulnerability described as critical has been identified in Cisco Identity Services Engine Software. This vulnerability affects unknown code of the component API. Executing a manipulation can lead to path traversal. This vulnerability is registered as CVE-2024-20528. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.

Detailsinfo

A vulnerability classified as critical was found in Cisco Identity Services Engine Software. This vulnerability affects an unknown code block of the component API. The manipulation with an unknown input leads to a path traversal vulnerability. The CWE definition for the vulnerability is CWE-22. The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:

A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to upload files to arbitrary locations on the underlying operating system of an affected device. To exploit this vulnerability, an attacker would need valid Super Admin credentials. This vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to upload custom files to arbitrary locations on the underlying operating system, execute arbitrary code, and elevate privileges to root.

The advisory is available at sec.cloudapps.cisco.com. This vulnerability was named CVE-2024-20528 since 11/08/2023. The exploitation appears to be easy. The attack can be initiated remotely. The exploitation requires an enhanced level of successful authentication. The technical details are unknown and an exploit is not available. This vulnerability is assigned to T1006 by the MITRE ATT&CK project.

The vulnerability scanner Nessus provides a plugin with the ID 215119 (Cisco Identity Services Engine Multiple Vulnerabilities (cisco-sa-ise-multi-vuln-DBQdWRy)), which helps to determine the existence of the flaw in a target environment.

Upgrading eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at Tenable (215119). If you want to get best quality of vulnerability data, you may have to visit VulDB.

Productinfo

Type

• Policy Management Software

Vendor

• Cisco

Name

• Identity Services Engine Software

Version

• 3.1.0
• 3.1.0 p1
• 3.1.0 p2
• 3.1.0 p3
• 3.1.0 p4
• 3.1.0 p5
• 3.1.0 p6
• 3.1.0 p7
• 3.1.0 p8
• 3.1.0 p9
• 3.2.0
• 3.2.0 p1
• 3.2.0 p2
• 3.2.0 p3
• 3.2.0 p4
• 3.2.0 p5
• 3.2.0 p6
• 3.3 Patch 1
• 3.3 Patch 2
• 3.3 Patch 3
• 3.3.0

License

• commercial

Website

• Vendor: https://www.cisco.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Discussion