Cisco Prime Infrastructure Privilege Escalation Vulnerability

A vulnerability in the Cisco Prime Infrastructure (PI) username storage and authentication process could allow an authenticated, remote attacker to gain elevated privileges on a targeted system.

The vulnerability occurs because the affected software saves case-sensitive usernames and performs case-sensitive string comparisons. An attacker could exploit this vulnerability during authentication by entering a username that contains characters in cases different from the combination registered on the affected software. If the Cisco PI is configured for external authentication using a AAA server, the login will succeed but the affected software will assign default authorizations to the user who is logged in. A successful exploit could allow the attacker to access the targeted system and elevate privileges in the application.

Cisco has confirmed the vulnerability; however, software updates are not available.

To exploit this vulnerability, an attacker must authenticate to the targeted device. A successful exploit could be accomplished if the affected software is configured for external authentication. These access requirements reduce the likelihood of a successful exploit.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.