CVE-2018-0374
published 2018-07-18CVE-2018-0374: A vulnerability in the Policy Builder database of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to connect directly to the…
PriorityP262critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
2.73%
84.2th percentile
A vulnerability in the Policy Builder database of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to connect directly to the Policy Builder database. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by connecting directly to the Policy Builder database. A successful exploit could allow the attacker to access and change any data in the Policy Builder database. Cisco Bug IDs: CSCvh06134.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | mobility_services_engine | — | — |
| cisco | policy_suite_policy_builder_database_unauthenticated_access | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect unauthenticated direct connections to the Cisco Policy Suite Policy Builder database — no credentials will be presented in the connection attempt ↗
- →Monitor for unauthorized read or write activity against the Policy Builder database, particularly from external/untrusted source IPs with no prior authentication exchange ↗
- →Flag any remote connection to the Policy Builder database that lacks an authentication handshake — the root cause is a complete absence of authentication on the database listener ↗
- ·Vulnerability only exists in Cisco Policy Suite versions prior to 18.2.0; systems already upgraded to 18.2.0 or later are not affected ↗
- ·There are no workarounds available for CVE-2018-0374; patching to 18.2.0 is the only remediation ↗
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_cisco9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Cisco
Cisco Policy Suite Policy Builder Database Unauthenticated Access Vulnerability
vendor_cisco·2018-07-18·CVSS 9.8
CVE-2018-0374 [CRITICAL] CWE-306 Cisco Policy Suite Policy Builder Database Unauthenticated Access Vulnerability
Cisco Policy Suite Policy Builder Database Unauthenticated Access Vulnerability
A vulnerability in the Policy Builder database of Cisco Policy Suite could allow an unauthenticated, remote attacker to connect directly to the Policy Builder database.
The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by connecting directly to the Policy Builder database. A successful exploit could allow the attacker to access and change any data in the Policy Builder database.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-unauth-
Cisco
Cisco Policy Suite Policy Builder Database Unauthenticated Access Vulnerability
vendor_cisco·CVSS 3.0
CVE-2018-0374 Cisco Policy Suite Policy Builder Database Unauthenticated Access Vulnerability
CVE-2018-0374: Cisco Policy Suite Policy Builder Database Unauthenticated Access Vulnerability
A vulnerability in the Policy Builder database of Cisco Policy Suite could allow an unauthenticated, remote attacker to connect directly to the Policy Builder database. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by connecting directly to the Policy Builder database. A successful exploit could allow the attacker to access and change any data in the Policy Builder database. Cisco has released software updates that address this vulnerability. There are no
CVSS: 3.0
CWE: CWE-306, CWE-306
Bug IDs: CSCvh06134
GHSA
GHSA-p7mr-mfc2-48qw: A vulnerability in the Policy Builder database of Cisco Policy Suite before 18
ghsa_unreviewed·2022-05-13
CVE-2018-0374 [CRITICAL] CWE-306 GHSA-p7mr-mfc2-48qw: A vulnerability in the Policy Builder database of Cisco Policy Suite before 18
A vulnerability in the Policy Builder database of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to connect directly to the Policy Builder database. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by connecting directly to the Policy Builder database. A successful exploit could allow the attacker to access and change any data in the Policy Builder database. Cisco Bug IDs: CSCvh06134.
No detection rules found.
No public exploits indexed.
Tenable
Cisco Issues Patches for 4 Critical Vulnerabilities in Cisco Policy Suite
blogs_tenable·2018-07-21
Cisco Issues Patches for 4 Critical Vulnerabilities in Cisco Policy Suite
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Tenable
Cisco Issues Patches for 4 Critical Vulnerabilities in Cisco Policy Suite
blogs_tenable·2018-07-21·CVSS 9.8
[CRITICAL] Cisco Issues Patches for 4 Critical Vulnerabilities in Cisco Policy Suite
Blog / Cyber Exposure Alerts
Subscribe
# Cisco Issues Patches for 4 Critical Vulnerabilities in Cisco Policy Suite
Paul Davis
July 21, 2018
2 Min Read
Cisco’s Policy Suite for Mobile controls billing and access control for customer devices. Root access to this suite is concerning because of the breadth of user device access.
The latest batch of Cisco patches includes fixes for four critical vulnerabilities related to unauthenticated access and default credentials in the Cisco Policy Suite for the Cisco Mobility Services Engine. All four were discovered by internal security testing. In addition, nine high-severity vulnerabilities and 12 medium ones were patched in a variety of other Cisco platforms.
### Analysis
Two of the vulnerabilities (CVE-2018-0376 and CVE-2018-0374) give unaut
Bugzilla
CVE-2017-12191 CFME: VMRC plugin console grants users administrative access
bugzilla·2017-10-10·CVSS 7.4
CVE-2017-12191 [HIGH] CVE-2017-12191 CFME: VMRC plugin console grants users administrative access
CVE-2017-12191 CFME: VMRC plugin console grants users administrative access
Gellert Kis of Red Hat reports:
The CloudForms VMRC plugin console grants users administrative access due to incorrect session privileges.
Discussion:
Acknowledgments:
Name: Gellert Kis (Red Hat)
---
This issue has been addressed in the following products:
CloudForms Management Engine 5.8
Via RHSA-2018:0374 https://access.redhat.com/errata/RHSA-2018:0374
2018-07-18
Published