Cisco Small Business Switches are vulnerable to a remote attack where commands with admin privileges can be executed. The vulnerability is tracked under CVE-2018-15439, e que poderia permitir que um não autenticado, remote attacker to bypass the user authentication mechanism of an affected device, and execute commands. As of now, the vulnerability hasn’t been fixed, but there is an available workaround.
CVE-2018-15439 Technical Overview
The very first question to ask is whether this vulnerability exists. Parece que, under “specific circumstances”, the affected software enables a privileged user accounts, and does so without alerting the administrator, Cisco explains in the official advisory.
In case of an exploit, the attacker can use the privileged account to log into affected devices and execute various commands with full administrative rights.
The next question to ask is what products are affected by CVE-2018-15439, and here is the list:
– Cisco Small Business 200 Series Smart Switches
– Cisco Small Business 300 Series Managed Switches
– Cisco Small Business 500 Series Stackable Managed Switches
– Cisco 250 Series Smart Switches
– Cisco 350 Series Managed Switches
– Cisco 350X Series Stackable Managed Switches
– Cisco 550X Series Stackable Managed Switches
CVE-2018-15439 : Workaround
The workaround for the vulnerability acquires adding at least one user account with access privilege set to level 15 in the device configuration, Cisco diz.
assim, you should know how to configure such an account, and here are the steps.
You should use admin as user ID, set the access privilege to level 15, and define the password by replacing
Switch# configure terminal
Switch(configuração)# username admin privilege 15 senha
The command show running-config | include privilege 15 will now produce the following output:
Switch# show running-config | include privilege 15
username admin password encrypted