CERT-MU AD-2008-10
CiscoWorks Common Services Arbitrary Code Execution Vulnerability
Original Issue Date: 28 th May 2008
Overview
CiscoWorks Common Services contains a vulnerability that could allow a remote attacker to execute arbitrary code.
Description
CiscoWorks Common Services represents a common set of management services that are shared by CiscoWorks applications. CiscoWorks is a family of products based on Internet standards for managing networks and devices. Many CiscoWorks products use and depend on Common Services.
CiscoWorks Common Services contains a vulnerability that could allow a remote attacker to execute arbitrary code.
Affected systems
CiscoWorks Common Services versions 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1, and 3.1.1 are vulnerable. The following Cisco products that use CiscoWorks Common Services as their base are also affected by this vulnerability.
Product |
Product Version |
Common Services Version |
Cisco Unified Operations Manager (CUOM) |
1.1 |
3.0.3 |
Cisco Unified Operations Manager (CUOM) |
2.0 |
3.0.3 |
Cisco Unified Operations Manager (CUOM) |
2.0.1 |
3.0.5 |
Cisco Unified Operations Manager (CUOM) |
2.0.2 |
3.0.5 |
Cisco Unified Operations Manager (CUOM) |
2.0.3 |
3.0.5 |
Cisco Unified Service Monitor ( CUSM) |
1.1 |
3.0.3 |
Cisco Unified Service Monitor ( CUSM) |
2.0 |
3.0.4 |
Cisco Unified Service Monitor ( CUSM) |
2.0.1 |
3.0.5 |
CiscoWorks QoS Policy Manager (QPM) |
4.0, 4.0.1, and 4.0.2 |
3.0.5 |
CiscoWorks LAN Management Solution ( LMS) |
2.5, 2.5.1, 2.6 |
3.0.3 |
CiscoWorks LAN Management Solution ( LMS) |
2.6 Update |
3.0.5 |
CiscoWorks LAN Management Solution ( LMS) |
3.0 |
3.1 |
CiscoWorks LAN Management Solution ( LMS) |
3.0 December 2007 Update |
3.1.1 |
Cisco Security Manager (CSM) |
3.0 |
3.0.3 |
Cisco Security Manager (CSM) |
3.0.1 |
3.0.4 |
Cisco Security Manager (CSM) |
3.0.2 |
3.0.5 |
Cisco Security Manager (CSM) |
3.1 and 3.1.1 |
3.0.5 |
Cisco Security Manager (CSM) |
3.2 |
3.1 |
Cisco TelePresence Readiness Assessment Manager (CTRAM) |
1.0 |
3.0.5 |
Note: CiscoWorks Voice Manager ( CVM) and Cisco Unified Intelligent Contact Management ( ICM) could be vulnerable if their underlying Common Services versions were upgraded.
Impact
Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the user client machine.
Workarounds
Filters such as Transit ACLs (tACLs) can be used to allow access to the Administration Workstation from only trusted hosts.
Filters that deny HTTP packets using HTTPS packets using TCP port 443 and TCP port 1741 should be deployed throughout the network as part of a tACL policy to protect the network from traffic that enters the network at ingress access points. This policy should be configured to protect the network device where the filter is applied and other devices that are behind it. Filters for HTTPS packets that use TCP port 443 and TCP port 1741 should also be deployed in front of vulnerable network devices so only traffic from trusted clients is allowed.
Note: Additional information about tACLs is available in "Transit Access Control Lists: Filtering at Your Edge: http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801afc76.shtml.
For additional information on XSS attacks and the methods used to exploit these vulnerabilities, please refer to the Cisco Applied Intelligence Response "Understanding Cross-Site Scripting (XSS) Threat Vectors", available at:
http://www.cisco.com/warp/public/707/cisco-amb-20060922-understanding-xss.shtml
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Vendor Information
CISCO
CVE-Name
CVE-Name: CVE-2008-2054
References
US- CERT
CISCO
|
