The vulnerability of the account management subsystem of the Cisco Web Security Appliance allows a perpetrator to execute system commands with root privileges.

🗓️ 13 Dec 2018 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

A flaw in Cisco Web Security Appliance account management allows attackers to execute as root.

Reporter	Title	Published	Views	Family All 10
Cisco	Cisco Web Security Appliance Privilege Escalation Vulnerability	15 Aug 201816:00	–	cisco
Tenable Nessus	Cisco Web Security Appliance Multiple Vulnerabilities.	27 Aug 201800:00	–	nessus
Tenable Nessus	Cisco Web Security Appliance Privilege Escalation Vulnerability.	27 Aug 201800:00	–	nessus
CNVD	Cisco Web Security Appliance Elevation of Privilege Vulnerability (CNVD-2018-16179)	16 Aug 201800:00	–	cnvd
CVE	CVE-2018-0428	15 Aug 201820:00	–	cve
Cvelist	CVE-2018-0428	15 Aug 201820:00	–	cvelist
EUVD	EUVD-2018-1251	7 Oct 202500:30	–	euvd
NVD	CVE-2018-0428	15 Aug 201820:29	–	nvd
Prion	Design/Logic Flaw	15 Aug 201820:29	–	prion
Vulnrichment	CVE-2018-0428	15 Aug 201820:00	–	vulnrichment

Vulners

Node

cisco_systems cisco_web_security_applianceMatch11.5.0-fcs-000

OR

cisco_systems cisco_web_security_applianceMatch11.0.0-fcs-250

OR

cisco_systems cisco_web_security_applianceMatch10.5.0-fcs-000

OR

cisco_systems cisco_web_security_applianceMatch10.0.0-959

Source	Link
securityfocus	www.securityfocus.com/bid/105104
securitytracker	www.securitytracker.com/id/1041536
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-escalation
web	www.web.nvd.nist.gov/view/vuln/detail

23 Mar 2021 00:00Current

7High risk

Vulners AI Score7

CVSS 36.7

CVSS 27.2

EPSS0.00056

Cisco Web Security Appliance account management root privileges remote attackers