Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2017.1273
Cisco Policy Suite Privilege Escalation Vulnerability
18 May 2017
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Cisco Policy Suite
Publisher: Cisco Systems
Operating System: Cisco
Impact/Access: Root Compromise -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2017-6623
Original Bulletin:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-cps
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Policy Suite Privilege Escalation Vulnerability
Advisory ID: cisco-sa-20170517-cps
Revision: 1.0
For Public Release: 2017 May 17 16:00 GMT
Last Updated: 2017 May 17 16:00 GMT
CVE ID(s): CVE-2017-6623
CVSS Score v(3): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+---------------------------------------------------------------------
Summary
=======
A vulnerability in a script file that is installed as part of the Cisco Policy Suite (CPS) Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to root.
The vulnerability is due to incorrect sudoers permissions on the script file. An attacker could exploit this vulnerability by authenticating to the device and providing crafted user input at the CLI, using this script file to escalate their privilege level and execute commands as root. A successful exploit could allow the attacker to acquire root-level privileges and take full control of the appliance. The user has to be logged-in to the device with valid credentials for a specific set of users.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-cps ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-cps"]
- -----BEGIN PGP SIGNATURE-----
iQKBBAEBAgBrBQJZHHQiZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg
SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx
NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHm5gBAA4054vwpO4jMJelTk
2TNNUyrw8GnvdjJDipscxwO7L0Cjb4CuRbJZNpqy2vbeOsfPur8NokQ8DyLPFcC4
IGn+HMpufETAVT3gmHAp1asw4qhoDnXx9kpPrgKZ4KTw0TrmSSL4GtIf+BwyR3Bw
bNeE/gux8dVVNUhT+HDQ5IXeneeK0gLxChPYI3snX8eZ6JCu7VHMIqygvnLey9uS
0G451oaKZinUZbeXDfMx9OxE58Umm1J7skN43ig6dG9bZbGCbfcINKJZbbLO7Zhz
YjqvAOIWdUtvezo3S7xC9p8ylEb02zrjnQiVgaOrTb/+OLwUv33z7WXj9f94nsDE
3JVexH5+GDqHrG9mR5o3sK3RFhXJALsP8HGntA4b5BIcj1uCGAEGz+F4YnvXTNLR
0P6E+qRJW236DxIpRWhCVW29qeBt8aJ8qBwn7QeSGQp8Toi8+yH5MPfLrPvrwn0w
FAMka7EQ3KlfGmz+sTbhpegI2H6c6o0pJp1G+rCJAmE8+A2XUJB/sBXhn6mVl8Xh
nK9h63KHdCvIVpnU3TW8Jn59mXopyNbsxXMqoetBzFax/xuk1F7w8RGu8ANWTOgL
yr2GSUDDT12D8e4cqEkl8djeN+v6j/SFwgY02s3XNGHgOUu9vlhvk/dAqI2S9sf1
ucV6raBuPS5kcsUHTQ4BoMIIdvs=
=+o8F
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBWR0n3ox+lLeg9Ub1AQhZuQ//Ur1f9xDwokc9hE2z6GoK+taJMl6Qf9ZZ
c6GC8qKMEIPkoIp0aydtYjIkKUR26VJmEoezlsSdbdxJH/u0Y/GR+bxJvJP1ApdU
7P/EcOiU3T1ZcRq2J3drY86QsOiUr8rK0BPtrt2p5lPW2g21AnGnYaw1QT3Qn/+Y
dTyl07Y/jgLAdnuVjwp3xrac5ptjz90rsiuivHcAOyIkP+TRuit7B4xVaiAg3CFW
6fZxzdy14jhpB8Bt/0onOBecYA07CiipL9koXmKzVulTBICYw1Lgkot8jZlDmM4r
a7H50xtMEY+6+8usS/Bv7MiNMKn6mUNlzJalThdDyl4AjtI/OLzYjHp0cY8eCOB/
xjzmZa5rqbjNgAWER8Cqd3ie6qNVY24Wh2F6Zm/UnH1TymrvhYjdRp/Mt+qmcuin
XCb1i30XqJFHnRwGvqaNSBJL7r0K+7ZxGzVk8SrmRu90lg4Ary3pE3NbMGHTv3ks
jYEKVVWhTndlU1rbW8QhUEXnIZPxC6pr+Htd5gGwj3eTKzhxAaHQ8vdu7xdBh66C
gzPoc8LneAldCG3QQfyapiUamddEMDYrCtRGuy7HYaBL+8NaCgth9Ah1yrBcVKv+
0C7QoXOcV77VjRNgWzcjKAaNhhJZAVHOGgekyM0dWzYp7Rf5EDD7lJf0qL19TpKl
p0QxqLqx10E=
=gj2I
-----END PGP SIGNATURE-----