Apr 19, 2023 - 4:00 p.m.

Cisco StarOS Software Key-Based SSH Authentication Privilege Escalation Vulnerability

2023-04-19 16:00:00
tools.cisco.com

EPSS: 0.001 (Low), percentile 47.6%

A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device.

This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h

Affected configurations

Vulners node:
cisco asr_5000_series_software, match: any
OR
cisco ultra_cloud_core_-_serving_gateway_function, match: any
OR
cisco asr_9904, match: 5000_series_software
OR
cisco ultra_cloud_core_-_serving_gateway_function, match: any
