Vulnerability Details : CVE-2018-0152
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability exists because the affected software does not reset the privilege level for each web UI session. An attacker who has valid credentials for an affected device could exploit this vulnerability by remotely accessing a VTY line to the device. A successful exploit could allow the attacker to access an affected device with the privileges of the user who previously logged in to the web UI. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the HTTP Server feature is enabled and authentication, authorization, and accounting (AAA) authorization is not configured for EXEC sessions. The default state of the HTTP Server feature is version-dependent. This vulnerability was introduced in Cisco IOS XE Software Release 16.1.1. Cisco Bug IDs: CSCvf71769.
Products affected by CVE-2018-0152
- cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-0152
0.20%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 58 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-0152
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.0
|
HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C |
8.0
|
10.0
|
NIST | |
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2018-0152
-
Assigned by: ykramarz@cisco.com (Secondary)
-
According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-0152
-
http://www.securityfocus.com/bid/103558
Cisco IOS XE Software CVE-2018-0152 Remote Privilege Escalation VulnerabilityThird Party Advisory;VDB Entry
-
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-xepriv
Cisco IOS XE Software Web UI Remote Access Privilege Escalation VulnerabilityVendor Advisory
-
http://www.securitytracker.com/id/1040597
Cisco IOS XE Web Interface Access Control Bug Lets Remote Authenticated Users Gain Elevated Privileges - SecurityTrackerThird Party Advisory;VDB Entry
Jump to