Vulnerability Details : CVE-2017-12225
A vulnerability in the web functionality of the Cisco Prime LAN Management Solution could allow an authenticated, remote attacker to hijack another user's administrative session, aka a Session Fixation Vulnerability. The vulnerability is due to the reuse of a preauthentication session token as part of the postauthentication session. An attacker could exploit this vulnerability by obtaining the presession token ID. An exploit could allow an attacker to hijack an existing user's session. Known Affected Releases 4.2(5). Cisco Bug IDs: CSCvf58392.
Vulnerability category: Bypass; Gain privilege
Products affected by CVE-2017-12225
- cpe:2.3:a:cisco:prime_lan_management_solution:4.2\(5\):*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-12225
0.22% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~60% (the proportion of vulnerabilities scored at or below this score)
CVSS scores for CVE-2017-12225
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N | 8.6 | 2.9 | NIST | |
6.5 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 | NIST | |
CWE ids for CVE-2017-12225
- CWE-287: When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. Assigned by: ykramarz@cisco.com (Secondary)
- CWE-384: Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions. Assigned by: nvd@nist.gov (Primary)
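The description above and the CWE-384 entry both come down to one defect: a session token issued before login is kept as the identifier of the authenticated session. The following Python is an added illustration of that pattern and of the standard mitigation (issue a fresh token on login and invalidate the old one); it is not code from Cisco, from the advisory, or from Cisco Prime LMS, whose internals are not on this page. The class and function names (`SessionStore`, `preauth_token_survives_login`) are hypothetical, and `rotate_on_login=False` merely reproduces the defect class for the regression check.

```python
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional


@dataclass
class Session:
    """Server-side session state keyed by the token presented in a cookie."""
    user: Optional[str] = None
    data: dict = field(default_factory=dict)


class SessionStore:
    """Minimal in-memory session store (hypothetical, for illustration).

    rotate_on_login=False reproduces the CWE-384 defect: the pre-authentication
    token is promoted to an authenticated session.
    rotate_on_login=True is the hardened behaviour: a new token is issued on
    login and the pre-authentication token is invalidated.
    """

    def __init__(self, rotate_on_login: bool):
        self.rotate_on_login = rotate_on_login
        self._sessions: Dict[str, Session] = {}

    def start_anonymous(self) -> str:
        # Token handed out before authentication (e.g. to carry login-form state).
        token = secrets.token_urlsafe(32)
        self._sessions[token] = Session()
        return token

    def login(self, token: str, user: str, password_ok: bool) -> str:
        if not password_ok or token not in self._sessions:
            raise PermissionError("authentication failed")
        if not self.rotate_on_login:
            # Defect: the same token now identifies an authenticated user, so anyone
            # who learned the token before login holds the authenticated session.
            self._sessions[token].user = user
            return token
        # Fix: move any pre-login state to a freshly generated token and drop the
        # old one, so a token observed before login is worthless afterwards.
        old = self._sessions.pop(token)
        new_token = secrets.token_urlsafe(32)
        self._sessions[new_token] = Session(user=user, data=old.data)
        return new_token

    def current_user(self, token: str) -> Optional[str]:
        sess = self._sessions.get(token)
        return sess.user if sess else None


def preauth_token_survives_login(store: SessionStore) -> bool:
    """Regression check for session fixation.

    Returns True if a token issued before login still identifies the user
    after login, i.e. the store has the CWE-384 defect.
    """
    pre = store.start_anonymous()
    store.login(pre, "admin", password_ok=True)
    return store.current_user(pre) == "admin"


if __name__ == "__main__":
    print("vulnerable store:", preauth_token_survives_login(SessionStore(rotate_on_login=False)))
    print("hardened store:  ", preauth_token_survives_login(SessionStore(rotate_on_login=True)))
```

The check is the kind of assertion to keep in a web application's test suite: after a successful login the client must receive a different session identifier than it held before, and the old identifier must no longer resolve to any user. Most web frameworks expose this as a "regenerate session" call that should be invoked at every privilege change, not only at login.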
References for CVE-2017-12225
- https://quickview.cloudapps.cisco.com/quickview/bug/CSCvf58392
  Cisco Bug: CSCvf58392 - Cisco Prime LAN Management Solution Session Fixation Vulnerability (Vendor Advisory)
- http://www.securitytracker.com/id/1039285
  Cisco Prime LAN Management Solution Token ID Reuse Lets Remote Authenticated Users Hijack the Target User's Session - SecurityTracker (Third Party Advisory; VDB Entry)
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-prime-lms
  Cisco Prime LAN Management Solution Session Fixation Vulnerability (Vendor Advisory)