Cisco IOS XE Software Directory Traversal Vulnerability

A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an authenticated, local attacker to gain write access to some files in the underlying operating system.

The vulnerability is due to insufficient validation of files submitted to the affected installation utility. An attacker could exploit this vulnerability by uploading a crafted file to an affected system and running the installation utility command. A successful exploit could allow the attacker to gain write access to some files in the underlying operating system, which could allow the attacker to override the write-accessible files and compromise the integrity of the system.

To exploit this vulnerability, the attacker must have sufficient privileges to execute the appropriate commands. In a default configuration, the privilege 15 privilege is needed to exploit this vulnerability. As a secondary impact of this vulnerability, an attacker may be able to modify some files and obtain access to the underlying operating system shell without having to provide a valid license.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161115-iosxe[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161115-iosxe”]