Lucene search

CiscoCISCO-SA-20161115-IOSXE

HistoryNov 15, 2016 - 4:00 p.m.

Cisco IOS XE Software Directory Traversal Vulnerability

2016-11-1516:00:00

tools.cisco.com

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

CVSS3

2.5

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS

Percentile

5.1%

JSON

A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an authenticated, local attacker to gain write access to some files in the underlying operating system.

The vulnerability is due to insufficient validation of files submitted to the affected installation utility. An attacker could exploit this vulnerability by uploading a crafted file to an affected system and running the installation utility command. A successful exploit could allow the attacker to gain write access to some files in the underlying operating system, which could allow the attacker to override the write-accessible files and compromise the integrity of the system.

To exploit this vulnerability, the attacker must have sufficient privileges to execute the appropriate commands. In a default configuration, the privilege 15 privilege is needed to exploit this vulnerability. As a secondary impact of this vulnerability, an attacker may be able to modify some files and obtain access to the underlying operating system shell without having to provide a valid license.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161115-iosxe[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161115-iosxe”]

Affected configurations

Vulners

Node

ciscocisco_iosMatch3.2sexe

ciscocisco_iosMatch3.3sexe

ciscocisco_iosMatch3.3xoxe

ciscocisco_iosMatch3.5exe

ciscocisco_iosMatch3.6exe

ciscocisco_iosMatch3.7exe

ciscocisco_iosMatch16.1xe

ciscocisco_iosMatch16.2xe

ciscocisco_iosMatch3.8exe

ciscocisco_iosMatch16.3xe

ciscocisco_iosMatch3.9exe

ciscocisco_iosMatch3.2.0sexe

ciscocisco_iosMatch3.2.1sexe

ciscocisco_iosMatch3.2.2sexe

ciscocisco_iosMatch3.2.3sexe

ciscocisco_iosMatch3.3.0sexe

ciscocisco_iosMatch3.3.1sexe

ciscocisco_iosMatch3.3.2sexe

ciscocisco_iosMatch3.3.3sexe

ciscocisco_iosMatch3.3.4sexe

ciscocisco_iosMatch3.3.5sexe

ciscocisco_iosMatch3.3.0xoxe

ciscocisco_iosMatch3.3.1xoxe

ciscocisco_iosMatch3.3.2xoxe

ciscocisco_iosMatch3.5.0exe

ciscocisco_iosMatch3.5.1exe

ciscocisco_iosMatch3.5.2exe

ciscocisco_iosMatch3.5.3exe

ciscocisco_iosMatch3.6.0exe

ciscocisco_iosMatch3.6.1exe

ciscocisco_iosMatch3.6.0aexe

ciscocisco_iosMatch3.6.0bexe

ciscocisco_iosMatch3.6.2aexe

ciscocisco_iosMatch3.6.2exe

ciscocisco_iosMatch3.6.3exe

ciscocisco_iosMatch3.6.4exe

ciscocisco_iosMatch3.6.5exe

ciscocisco_iosMatch3.7.0exe

ciscocisco_iosMatch3.7.1exe

ciscocisco_iosMatch3.7.2exe

ciscocisco_iosMatch3.7.3exe

ciscocisco_iosMatch3.7.4exe

ciscocisco_iosMatch16.1.1xe

ciscocisco_iosMatch16.1.2xe

ciscocisco_iosMatch16.1.3xe

ciscocisco_iosMatch16.2.1xe

ciscocisco_iosMatch16.2.2xe

ciscocisco_iosMatch3.8.0exe

ciscocisco_iosMatch3.8.1exe

ciscocisco_iosMatch3.8.2exe

ciscocisco_iosMatch16.3.1xe

ciscocisco_iosMatch16.3.1axe

ciscocisco_iosMatch3.9.0exe

VendorProductVersionCPE
ciscocisco_ios3.2secpe:2.3:o:cisco:cisco_ios:3.2se:xe:*:*:*:*:*:*
ciscocisco_ios3.3secpe:2.3:o:cisco:cisco_ios:3.3se:xe:*:*:*:*:*:*
ciscocisco_ios3.3xocpe:2.3:o:cisco:cisco_ios:3.3xo:xe:*:*:*:*:*:*
ciscocisco_ios3.5ecpe:2.3:o:cisco:cisco_ios:3.5e:xe:*:*:*:*:*:*
ciscocisco_ios3.6ecpe:2.3:o:cisco:cisco_ios:3.6e:xe:*:*:*:*:*:*
ciscocisco_ios3.7ecpe:2.3:o:cisco:cisco_ios:3.7e:xe:*:*:*:*:*:*
ciscocisco_ios16.1cpe:2.3:o:cisco:cisco_ios:16.1:xe:*:*:*:*:*:*
ciscocisco_ios16.2cpe:2.3:o:cisco:cisco_ios:16.2:xe:*:*:*:*:*:*
ciscocisco_ios3.8ecpe:2.3:o:cisco:cisco_ios:3.8e:xe:*:*:*:*:*:*
ciscocisco_ios16.3cpe:2.3:o:cisco:cisco_ios:16.3:xe:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	cisco_ios	3.2se	cpe:2.3:o:cisco:cisco_ios:3.2se:xe::::::
cisco	cisco_ios	3.3se	cpe:2.3:o:cisco:cisco_ios:3.3se:xe::::::
cisco	cisco_ios	3.3xo	cpe:2.3:o:cisco:cisco_ios:3.3xo:xe::::::
cisco	cisco_ios	3.5e	cpe:2.3:o:cisco:cisco_ios:3.5e:xe::::::
cisco	cisco_ios	3.6e	cpe:2.3:o:cisco:cisco_ios:3.6e:xe::::::
cisco	cisco_ios	3.7e	cpe:2.3:o:cisco:cisco_ios:3.7e:xe::::::
cisco	cisco_ios	16.1	cpe:2.3:o:cisco:cisco_ios:16.1:xe::::::
cisco	cisco_ios	16.2	cpe:2.3:o:cisco:cisco_ios:16.2:xe::::::
cisco	cisco_ios	3.8e	cpe:2.3:o:cisco:cisco_ios:3.8e:xe::::::
cisco	cisco_ios	16.3	cpe:2.3:o:cisco:cisco_ios:16.3:xe::::::

Rows per page:

1-10 of 531

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161115-iosxe

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

CVSS3

2.5

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS

Percentile

5.1%

JSON

Related for CISCO-SA-20161115-IOSXE