cbcvebase.
CVE-2018-0377
published 2018-07-18

CVE-2018-0377: A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18.1.0 could allow an unauthenticated, remote attacker to…

PriorityP266critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
2.73%
84.2th percentile
A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18.1.0 could allow an unauthenticated, remote attacker to directly connect to the OSGi interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by directly connecting to the OSGi interface. An exploit could allow the attacker to access or change any files that are accessible by the OSGi process. Cisco Bug IDs: CSCvh18017.

Affected

3 ranges
VendorProductVersion rangeFixed in
ciscomobility_services_engine
ciscopolicy_suite< 18.1.018.1.0
ciscopolicy_suite_osgi_interface_unauthenticated_access

Detection & IOCsextracted from sources · hover to see the quote

  • Detect unauthenticated direct connections to the OSGi interface of Cisco Policy Suite — the vulnerability is exploited by directly connecting to the OSGi interface with no credentials required.
  • Monitor for unauthorized file access or modification events originating from the OSGi process on Cisco Policy Suite hosts, as successful exploitation allows reading or changing any files accessible by that process.
  • ·All Cisco Policy Suite releases prior to 18.1.0 are affected; ensure the OSGi interface is not exposed to untrusted networks on any unpatched deployment.

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_cisco9.8CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.