Cisco Umbrella Virtual Appliance Undocumented Support Tunnel Vulnerability

A vulnerability in the remote support feature of Cisco Umbrella Virtual Appliance could allow an authenticated, remote attacker to obtain full control of an affected device.

This vulnerability is due to an undocumented support mechanism that is present on the product. An attacker could exploit this vulnerability by obtaining privileges sufficient to access the remote support tunnel. A successful exploit could allow the attacker to access the appliance remotely and obtain full control without explicit customer approval.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Cisco Umbrella originally published this advisory in 2017 on a different site that has since been archived.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-tunnel-gJw5thgE [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-tunnel-gJw5thgE”]