CVE-2018-0377
published 2018-07-18CVE-2018-0377: A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18.1.0 could allow an unauthenticated, remote attacker to…
PriorityP266critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
2.73%
84.2th percentile
A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18.1.0 could allow an unauthenticated, remote attacker to directly connect to the OSGi interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by directly connecting to the OSGi interface. An exploit could allow the attacker to access or change any files that are accessible by the OSGi process. Cisco Bug IDs: CSCvh18017.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | mobility_services_engine | — | — |
| cisco | policy_suite | < 18.1.0 | 18.1.0 |
| cisco | policy_suite_osgi_interface_unauthenticated_access | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect unauthenticated direct connections to the OSGi interface of Cisco Policy Suite — the vulnerability is exploited by directly connecting to the OSGi interface with no credentials required. ↗
- →Monitor for unauthorized file access or modification events originating from the OSGi process on Cisco Policy Suite hosts, as successful exploitation allows reading or changing any files accessible by that process. ↗
- ·All Cisco Policy Suite releases prior to 18.1.0 are affected; ensure the OSGi interface is not exposed to untrusted networks on any unpatched deployment. ↗
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_cisco9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Cisco
Cisco Policy Suite OSGi Interface Unauthenticated Access Vulnerability
vendor_cisco·2018-07-18·CVSS 9.8
CVE-2018-0377 [CRITICAL] CWE-306 Cisco Policy Suite OSGi Interface Unauthenticated Access Vulnerability
Cisco Policy Suite OSGi Interface Unauthenticated Access Vulnerability
A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite could allow an unauthenticated, remote attacker to directly connect to the OSGi interface.
The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by directly connecting to the OSGi interface. An exploit could allow the attacker to access or change any files that are accessible by the OSGi process.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-ps-osgi-unauth-ac
Cisco
Cisco Policy Suite OSGi Interface Unauthenticated Access Vulnerability
vendor_cisco·CVSS 3.0
CVE-2018-0377 Cisco Policy Suite OSGi Interface Unauthenticated Access Vulnerability
CVE-2018-0377: Cisco Policy Suite OSGi Interface Unauthenticated Access Vulnerability
A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite could allow an unauthenticated, remote attacker to directly connect to the OSGi interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by directly connecting to the OSGi interface. An exploit could allow the attacker to access or change any files that are accessible by the OSGi process. Cisco has released software updates that address this vulnerability. There are no
CVSS: 3.0
CWE: CWE-306, CWE-306
Bug IDs: CSCvh18017
GHSA
GHSA-j6q6-97rg-2x8h: A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18
ghsa_unreviewed·2022-05-13
CVE-2018-0377 [CRITICAL] CWE-306 GHSA-j6q6-97rg-2x8h: A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18
A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18.1.0 could allow an unauthenticated, remote attacker to directly connect to the OSGi interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by directly connecting to the OSGi interface. An exploit could allow the attacker to access or change any files that are accessible by the OSGi process. Cisco Bug IDs: CSCvh18017.
No detection rules found.
No public exploits indexed.
Tenable
Cisco Issues Patches for 4 Critical Vulnerabilities in Cisco Policy Suite
blogs_tenable·2018-07-21
Cisco Issues Patches for 4 Critical Vulnerabilities in Cisco Policy Suite
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Tenable
Cisco Issues Patches for 4 Critical Vulnerabilities in Cisco Policy Suite
blogs_tenable·2018-07-21·CVSS 9.8
[CRITICAL] Cisco Issues Patches for 4 Critical Vulnerabilities in Cisco Policy Suite
Blog / Cyber Exposure Alerts
Subscribe
# Cisco Issues Patches for 4 Critical Vulnerabilities in Cisco Policy Suite
Paul Davis
July 21, 2018
2 Min Read
Cisco’s Policy Suite for Mobile controls billing and access control for customer devices. Root access to this suite is concerning because of the breadth of user device access.
The latest batch of Cisco patches includes fixes for four critical vulnerabilities related to unauthenticated access and default credentials in the Cisco Policy Suite for the Cisco Mobility Services Engine. All four were discovered by internal security testing. In addition, nine high-severity vulnerabilities and 12 medium ones were patched in a variety of other Cisco platforms.
### Analysis
Two of the vulnerabilities (CVE-2018-0376 and CVE-2018-0374) give unaut
2018-07-18
Published