Cisco ACE 4710 Device Manager GUI Remote Command Injection Vulnerability (cisco-sa-20160224-ace)

high Nessus Plugin ID 89690

Synopsis

The remote device is affected by a remote command injection vulnerability.

Description

The Cisco Application Control Engine (ACE) software installed on the remote Cisco ACE 4710 device is an A5 version prior to A5(3.0). It is, therefore, affected by a remote command injection vulnerability in the device manager GUI due to improper validation of user-supplied input in HTTP POST requests. An authenticated, remote attacker can exploit this to bypass the role-based access control (RBAC) restrictions and execute CLI commands with 'admin' privileges.

Solution

Upgrade to Cisco ACE version A5(3.1) or later.

See Also

http://www.nessus.org/u?6bd62857

https://tools.cisco.com/bugsearch/bug/CSCul84801

Plugin Details

Severity: High

ID: 89690

File Name: cisco-sa-20160224-ace.nasl

Version: 1.6

Type: local

Family: CISCO

Published: 3/4/2016

Updated: 11/20/2019

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2016-1297

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:application_control_engine_software

Required KB Items: Settings/ParanoidReport, Host/Cisco/ACE/Version, Host/Cisco/ACE/Model

Exploit Ease: No known exploits are available

Patch Publication Date: 10/1/2014

Vulnerability Publication Date: 2/24/2016

Reference Information

CVE: CVE-2016-1297

BID: 83390

CISCO-SA: cisco-sa-20160224-ace

IAVA: 2016-A-0057

CISCO-BUG-ID: CSCul84801