TTCSIRT-034.081817: TT-CSIRT Advisory – CISCO Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products:
a) Cisco Application Policy Infrastructure Controller Vulnerability – could allow an authenticated remote attacker to gain higher privileges than the account is assigned. The attacker will be granted the privileges of the last user to log in, regardless of whether those privileges are higher or lower than what should have been granted.
b) Cisco Application Policy Infrastructure Controller Vulnerability – could allow an authenticated, local attacker to gain root-level privileges. This is due to a custom executable system file that was built to use relative search paths for libraries without properly validating the library to be loaded.
c) Cisco Virtual Network Function Element Manager Arbitrary Vulnerability – could allow an authenticated, remote attacker to elevate privileges and run commands in the context of the root user on the server. This vulnerability is due to command settings that allow Cisco VNF Element Manager users to specify arbitrary commands that will run as root on the server.
| Further information on these vulnerabilities and how they can be fixed can be found by clicking on the following links – cisco-sa-20170816-apic1, cisco-sa-20170816-apic2, cisco-sa-20170816-em |