CVE-2018-0258
published 2018-05-02CVE-2018-0258: A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any…
PriorityP274critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
49.87%
98.8th percentile
A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device (aka Path Traversal) and execute those files. This vulnerability affects the following products: Cisco Prime Data Center Network Manager (DCNM) Version 10.0 and later, and Cisco Prime Infrastructure (PI) All versions. Cisco Bug IDs: CSCvf32411, CSCvf81727.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_file_upload_servlet_path | — | — |
| cisco | prime_infrastructure | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for unauthenticated file uploads to the Cisco Prime File Upload servlet, particularly WAR files being written to arbitrary directories on the server. ↗
- →Detect path traversal sequences in HTTP requests targeting the Cisco Prime File Upload servlet endpoint, as the vulnerability is a relative path traversal allowing writes to any directory. ↗
- →Alert on JSP webshell execution following file upload activity on Cisco Prime DCNM (version 10.0+) and Cisco Prime Infrastructure (all versions). ↗
- ·Affected products are Cisco Prime DCNM version 10.0 and later, and Cisco Prime Infrastructure all versions. There are no known workarounds; only the vendor software update addresses this vulnerability. ↗
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_cisco9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Cisco
Cisco Prime File Upload Servlet Path Traversal and Remote Code Execution Vulnerability
vendor_cisco·2018-05-02·CVSS 9.8
CVE-2018-0258 [CRITICAL] CWE-22 Cisco Prime File Upload Servlet Path Traversal and Remote Code Execution Vulnerability
Cisco Prime File Upload Servlet Path Traversal and Remote Code Execution Vulnerability
A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device and execute those files.
For more information about this vulnerability per Cisco product, see the Details section of this security advisory.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-prime-upload
Cisco
Cisco Prime File Upload Servlet Path Traversal and Remote Code Execution Vulnerability
vendor_cisco·CVSS 3.0
CVE-2018-0258 Cisco Prime File Upload Servlet Path Traversal and Remote Code Execution Vulnerability
CVE-2018-0258: Cisco Prime File Upload Servlet Path Traversal and Remote Code Execution Vulnerability
A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device and execute those files. For more information about this vulnerability per Cisco product, see the
CVSS: 3.0
CWE: CWE-22, CWE-22
Bug IDs: CSCvf32411, CSCvf81727, CSCvf32411, CSCvf81727
GHSA
GHSA-9j6j-4f32-jc6g: A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to an
ghsa_unreviewed·2022-05-13
CVE-2018-0258 [CRITICAL] CWE-22 GHSA-9j6j-4f32-jc6g: A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to an
A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device (aka Path Traversal) and execute those files. This vulnerability affects the following products: Cisco Prime Data Center Network Manager (DCNM) Version 10.0 and later, and Cisco Prime Infrastructure (PI) All versions. Cisco Bug IDs: CSCvf32411, CSCvf81727.
No detection rules found.
No public exploits indexed.
Tenable
[R2] Cisco Data Center Network Manager Authenticated Path Traversal
blogs_tenable·2018-08-21
[R2] Cisco Data Center Network Manager Authenticated Path Traversal
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Tenable
Tenable Research: May Vulnerability Disclosure Roundup
blogs_tenable·2018-06-26
Tenable Research: May Vulnerability Disclosure Roundup
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Tenable
Tenable Research: May Vulnerability Disclosure Roundup
blogs_tenable·2018-06-26·CVSS 9.8
[CRITICAL] Tenable Research: May Vulnerability Disclosure Roundup
Blog / Research
Subscribe
# Tenable Research: May Vulnerability Disclosure Roundup
Tenable Research
June 26, 2018
3 Min Read
Tenable Research has a dedicated team that performs vulnerability research on software and hardware from third-party vendors. The goal is to discover zero-day vulnerabilities and work with vendors to get them addressed before hackers discover and exploit them. This post provides an overview of all the vulnerabilities discovered by Tenable Research in May.
You can access all Tenable Research advisories here.
Cisco Prime Data Center Network Manager Remote Code Execution Vulnerability
CVE ID: CVE-2018-0258
Tenable Research Advisory: TRA-2018-11
Risk Factor: Critical
What do you need to know?
Tenable Research discovered a relative path traversal vulnerability
http://www.securityfocus.com/bid/104074https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-prime-uploadhttps://www.tenable.com/security/research/tra-2018-11http://www.securityfocus.com/bid/104074https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-prime-uploadhttps://www.tenable.com/security/research/tra-2018-11
2018-05-02
Published