—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco IOS XE Software Web UI Remote Access Privilege Escalation Vulnerability

Advisory ID: cisco-sa-20180328-xepriv

Revision: 1.0

For Public Release: 2018 March 28 16:00 GMT

Last Updated: 2018 March 28 16:00 GMT

CVE ID(s): CVE-2018-0152

CVSS Score v(3): 8.8 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

+———————————————————————

Summary
=======
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to gain elevated privileges on an affected device.

The vulnerability exists because the affected software does not reset the privilege level for each web UI session. An attacker who has valid credentials for an affected device could exploit this vulnerability by remotely accessing a VTY line to the device. A successful exploit could allow the attacker to access an affected device with the privileges of the user who previously logged in to the web UI.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-xepriv [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-xepriv”]
This advisory is part of the March 28, 2018, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 20 Cisco Security Advisories that describe 22 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: March 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-66682”].

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJau70wXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczrvkP/2AfGA8SKtPU5XygUx2ZbvPW91kW
AG8FO+o//6d74Z/U+ApqR3Exs3oo9NVX15fLJtGpcP3hBy3NCszqa66ZbrWKQ65n
i7GK6rsUYZoQNIRcm/tNzEzaJ+5i5Vql4vOWzqDRGcOJ2XezST9QFcq/5XNjeYD1
9SaNVujNx1Zncap1wMxYFky2DDHhjorER6tJdLJ/YqE6tyMf+gCuV6kQOYSVqgya
kqZw7s1Vg1BrevBrhoeWI7jvOZHqidYid5Cny68+IlcHFKg3aBVfCfENYoQTcvaB
QD2JogV65g2B/iNgZ6LnZPB2uY4WAz6DzpdYEwd5XtzhurY3cd5KaQM7cOFvNzS8
15AKt2ZeaSxZsoy57M4GlkA6UJ2wV9UjK8FVHUlpsBZiIa3St3CBGavzObUHaJ6f
/GpAFDiGQB4OygmMkh/+8kQ8Fd0bMzQt0nr5HRcUy7kTyKmHKF3zz1tqCN8ovnPV
v2FNQpqJmINls6ZiGrorWsXS6jT0brOGNhU7eFFeKQR1RJquC7NEWAy9E/9ijxU5
0sfpyor9xImEQj/ylE19oOV96ccUr2scfejSAXxhtZQkst4AZzHHvHxq+p3FuOSH
taWiw1MopsB5EXROGRcNybA4B2lJi3hzQr9X1DJ97Z4pkc8qfXm+DNkQecOzyuNp
dOMNNZ1N19AKB3DF
=C/6O
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com