Lucene search
CiscoCISCO-SA-20180718-POLICY-SUITE-DATAHistoryJul 18, 2018 - 4:00 p.m.
Cisco Policy Suite World-Readable Sensitive Data Vulnerability
2018-07-1816:00:00
tools.cisco.com
22
0.0004 Low
EPSS
Percentile
5.1%
A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user.
The vulnerability is due to insufficient access control permissions. An attacker could exploit this vulnerability by logging in to the CLI. An exploit could allow the attacker to access potentially sensitive files that are owned by a different user.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-suite-data [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-suite-data”]
Affected configurations
Node
ciscocisco_policy_suiteMatchany
ORciscocisco_policy_suiteMatchany
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco policy suite (cps) software | eq | any | |
| cisco policy suite (cps) software | eq | any |
Related
cve
cve
CVE-2018-0392
2018-07-18 23:29:01
prion
prion
Improper access control
2018-07-18 23:29:00
cvelist
cvelist
CVE-2018-0392
2018-07-18 23:00:00
nvd
nvd
CVE-2018-0392
2018-07-18 23:29:01