ID

VAR-201811-0176


CVE

CVE-2018-15394


TITLE

Cisco Stealthwatch Enterprise access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-014053

DESCRIPTION

A vulnerability in the Stealthwatch Management Console (SMC) of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected system. The vulnerability is due to an insecure system configuration. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. An exploit could allow the attacker to gain unauthenticated access, resulting in elevated privileges in the SMC. Cisco Stealthwatch Enterprise contains an access control vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Cisco Stealthwatch Management Console is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks. This issue is being tracked by Cisco bug CSCvk52848. Cisco Stealthwatch Enterprise is a set of enterprise network security protection solutions from Cisco. The product has functions such as security event analysis, network segment management and data protection.

Trust: 2.07

sources: NVD: CVE-2018-15394 // JVNDB: JVNDB-2018-014053 // BID: 105853 // VULHUB: VHN-125649 // VULMON: CVE-2018-15394

AFFECTED PRODUCTS

vendor: cisco, model: stealthwatch enterprise, scope: lte, version: 6.10.2

Trust: 1.0

vendor: cisco, model: stealthwatch enterprise, scope: -, version: -

Trust: 0.8

vendor: cisco, model: stealthwatch enterprise software, scope: eq, version: 6.10.2

Trust: 0.3

vendor: cisco, model: stealthwatch enterprise software, scope: eq, version: 6.9

Trust: 0.3

vendor: cisco, model: stealthwatch enterprise software, scope: eq, version: 6.8

Trust: 0.3

vendor: cisco, model: stealthwatch enterprise software, scope: eq, version: 6.7

Trust: 0.3

vendor: cisco, model: stealthwatch enterprise software, scope: eq, version: 6.10

Trust: 0.3

vendor: cisco, model: stealthwatch enterprise software, scope: ne, version: 6.10.3

Trust: 0.3

sources: BID: 105853 // JVNDB: JVNDB-2018-014053 // NVD: CVE-2018-15394

CVSS

SEVERITY

nvd@nist.gov: CVE-2018-15394
value: CRITICAL

Trust: 1.0

ykramarz@cisco.com: CVE-2018-15394
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-15394
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201811-179
value: CRITICAL

Trust: 0.6

VULHUB: VHN-125649
value: HIGH

Trust: 0.1

VULMON: CVE-2018-15394
value: HIGH

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2018-15394
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-125649
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

CVSSV3

nvd@nist.gov: CVE-2018-15394
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 2.8

sources: VULHUB: VHN-125649 // VULMON: CVE-2018-15394 // JVNDB: JVNDB-2018-014053 // CNNVD: CNNVD-201811-179 // NVD: CVE-2018-15394 // NVD: CVE-2018-15394

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.9

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: VULHUB: VHN-125649 // JVNDB: JVNDB-2018-014053 // NVD: CVE-2018-15394

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201811-179

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201811-179

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-014053

PATCH

title: cisco-sa-20181107-smc-auth-bypass
url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-smc-auth-bypass

Trust: 0.8

title: Cisco Stealthwatch Enterprise Fixes for access control error vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86651

Trust: 0.6

title: Cisco: Cisco Stealthwatch Management Console Authentication Bypass Vulnerability
url: https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20181107-smc-auth-bypass

Trust: 0.1

title: Threatpost
url: https://threatpost.com/cisco-accidentally-released-dirty-cow-exploit-code-in-software/138888/

Trust: 0.1

sources: VULMON: CVE-2018-15394 // JVNDB: JVNDB-2018-014053 // CNNVD: CNNVD-201811-179

EXTERNAL IDS

db: NVD, id: CVE-2018-15394

Trust: 2.9

db: BID, id: 105853

Trust: 2.1

db: JVNDB, id: JVNDB-2018-014053

Trust: 0.8

db: CNNVD, id: CNNVD-201811-179

Trust: 0.7

db: VULHUB, id: VHN-125649

Trust: 0.1

db: VULMON, id: CVE-2018-15394

Trust: 0.1

sources: VULHUB: VHN-125649 // VULMON: CVE-2018-15394 // BID: 105853 // JVNDB: JVNDB-2018-014053 // CNNVD: CNNVD-201811-179 // NVD: CVE-2018-15394

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181107-smc-auth-bypass

Trust: 2.2

url:http://www.securityfocus.com/bid/105853

Trust: 1.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15394

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-15394

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://threatpost.com/cisco-accidentally-released-dirty-cow-exploit-code-in-software/138888/

Trust: 0.1

sources: VULHUB: VHN-125649 // VULMON: CVE-2018-15394 // BID: 105853 // JVNDB: JVNDB-2018-014053 // CNNVD: CNNVD-201811-179 // NVD: CVE-2018-15394

CREDITS

This vulnerability was found during internal security testing.

Trust: 0.6

sources: CNNVD: CNNVD-201811-179

SOURCES

db: VULHUB, id: VHN-125649
db: VULMON, id: CVE-2018-15394
db: BID, id: 105853
db: JVNDB, id: JVNDB-2018-014053
db: CNNVD, id: CNNVD-201811-179
db: NVD, id: CVE-2018-15394

LAST UPDATE DATE

2024-11-23T22:21:54.310000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-125649, date: 2019-10-09T00:00:00
db: VULMON, id: CVE-2018-15394, date: 2019-10-09T00:00:00
db: BID, id: 105853, date: 2018-11-07T00:00:00
db: JVNDB, id: JVNDB-2018-014053, date: 2019-03-11T00:00:00
db: CNNVD, id: CNNVD-201811-179, date: 2019-10-17T00:00:00
db: NVD, id: CVE-2018-15394, date: 2024-11-21T03:50:41.640

SOURCES RELEASE DATE

db: VULHUB, id: VHN-125649, date: 2018-11-08T00:00:00
db: VULMON, id: CVE-2018-15394, date: 2018-11-08T00:00:00
db: BID, id: 105853, date: 2018-11-07T00:00:00
db: JVNDB, id: JVNDB-2018-014053, date: 2019-03-11T00:00:00
db: CNNVD, id: CNNVD-201811-179, date: 2018-11-08T00:00:00
db: NVD, id: CVE-2018-15394, date: 2018-11-08T17:29:00.497