Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability

Risk:
high
Damage:
high
Platform(s):
CISCO PI 3.5.1, 3.6.0 Update 02Cisco EPNM
Advisory ID:
ngCERT-2019-0034
Version:
1.00
CVE:
CVE-2019-15958
Published:
January 17, 2020

Summary


A vulnerability in the REST API of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) releases prior to 3.0.2 could allow an unauthenticated remote attacker to execute arbitrary code with root privileges on the underlying operating system.

Description & Consequence


The vulnerability exists because affected devices with the High Availability (HA) feature enabled do not properly perform input validation. An attacker could exploit this vulnerability by uploading a malicious file to either the HA active or standby device.

Decrypt Network Traffic Privilege Escalation Execute Arbitrary code Denial of Service. A successful exploit could allow the attacker to execute arbitrary code with root-level privileges on the underlying operating system.

Solution


There are no workarounds that address this vulnerability for now, however Cisco has released free software updates that address the vulnerability described in this advisory. Stakeholders are to carryout updates from their usual channels or contact their vendors for supports.

Reference


  1. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-pi-epn-codex
  2. https://www.cisco.com/c/en/us/products/end-user-license-agreement.html
  3. https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

Revision


Related Articles