Detections
Analytics

Cisco MSE <= 8.0.120.7 Multiple Vulnerabilities

medium Nessus Plugin ID 86912

Language:

Synopsis

The remote host has an application installed that is affected by multiple vulnerabilities.

Description

According to its self-reported version number, the Cisco MSE version installed on the remote host is prior to 8.0.120.7. It is, therefore, affected by multiple vulnerabilities :

 - A local privilege escalation vulnerability exists due to the program using insecure permissions for binary files during its physical or virtual appliance installation procedure. A local attacker can exploit this, by writing to a file, to gain root privileges. (CVE-2015-4282)

 - A security bypass vulnerability exists due to the default configuration of sshd_config allowing logins by the 'oracle' account which has a hard-coded password. An unauthenticated, remote user can exploit this gain privileged access to the system. (CVE-2015-6316)

Solution

Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCuv40501 and CSCuv40504. Alternatively, apply the workaround referenced in the vendor advisory.

See Also

http://www.nessus.org/u?119d4835

http://www.nessus.org/u?b9d9dabf

Plugin Details

Severity: Medium

ID: 86912

File Name: cisco_mse_8_0_120_7.nasl

Version: 1.8

Type: remote

Family: CGI abuses

Published: 11/18/2015

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.9

Temporal Score: 6.6

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:cisco:mobility_services_engine

Required KB Items: installed_sw/Cisco MSE

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/4/2015

Vulnerability Publication Date: 11/4/2015

Reference Information

CVE: CVE-2015-4282, CVE-2015-6316

BID: 77432, 77435