Cisco Network Services Orchestrator Network Plug/Play 权限升级

Cisco Network Services Orchestrator中曾发现一漏洞,此漏洞被评为致命。 受此问题影响的是某些未知功能的组件:Network Plug/Play。 手动调试的不合法输入可导致 权限升级。 使用CWE来声明会导致 CWE-264 的问题。 此漏洞的脆弱性 2018-10-05公示人身份cisco-sa-20180905-nso-infodis、公示人类型为公告 (Website)所发布。 公告共享下载网址是tools.cisco.com。 该漏洞被处理的名称为CVE-2018-0463, 攻击可以远程发起, 无技术细节可用。 没有可利用漏洞。 漏洞利用的当前现价为美元计算大致为USD $0-$5k。 MITRE ATT&CK项目声明攻击技术为T1068。 它被宣布为未定义。 估计零日攻击的地下价格约为$5k-$25k。 建议对受到影响的组件升级。 该漏洞被披露后,此前未曾发表过可能的缓解措施。

字段2018-10-06 07時50分2020-03-30 10時39分
vendorCiscoCisco
nameNetwork Services OrchestratorNetwork Services Orchestrator
componentNetwork Plug/PlayNetwork Plug/Play
risk22
historic00
cvss2_vuldb_basescore6.86.8
cvss2_vuldb_tempscore5.95.9
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss3_meta_basescore7.47.4
cvss3_meta_tempscore7.17.1
cvss3_vuldb_basescore7.37.3
cvss3_vuldb_tempscore7.07.0
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
date1538690400 (2018-10-05)1538690400 (2018-10-05)
locationWebsiteWebsite
typeAdvisoryAdvisory
urlhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-nso-infodishttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-nso-infodis
identifiercisco-sa-20180905-nso-infodiscisco-sa-20180905-nso-infodis
price_0day$5k-$25k$5k-$25k
name升级升级
cveCVE-2018-0463CVE-2018-0463
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcCC
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
cvss3_nvd_basescore7.57.5
cwe0264 (权限升级)
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciP
cvss2_nvd_iiN
cvss2_nvd_aiN
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iN
cvss3_nvd_aN
cve_assigned1511733600 (2017-11-26)
cve_nvd_published1538697600
cve_nvd_summaryA vulnerability in the Cisco Network Plug and Play server component of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to gain unauthorized access to configuration data that is stored on an affected NSO system. The vulnerability exists because the Network Plug and Play component performs incomplete validation when configured to use secure unique device identifiers (SUDI) for authentication. An attacker who controls a Cisco device that supports SUDI authentication and has connectivity to an affected NSO system could exploit this vulnerability. The attacker would need to leverage information about the devices that are being registered on the NSO server to send crafted Cisco Network Plug and Play authentication packets to an affected system. A successful exploit could allow the attacker to gain unauthorized access to configuration data for devices that will be managed by the NSO system.

Do you know our Splunk app?

Download it now for free!