cisco-sa-20180718-policy-unauth-access

Cisco Policy Suite Policy Builder Database Unauthenticated Access Vulnerability

cisco-sa-20180718-policy-unauth-access · Critical · Published 7 years ago · Updated 7 years ago

A vulnerability in the Policy Builder database of Cisco Policy Suite could allow an unauthenticated, remote attacker to connect directly to the Policy Builder database. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by connecting directly to the Policy Builder database. A successful exploit could allow the attacker to access and change any data in the Policy Builder database. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-unauth-access

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEs	CVE-2018-0374
Cisco Bug IDs	CSCvh06134
CVSS Score	Base 9.8 Base 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X
Product Names From Source	Cisco Policy Suite (CPS) Software

Related Products

Product	CVE	Evidence
Cisco Policy Suite (CPS) Software	CVE-2018-0374	Cisco OpenVuln

Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Cisco Policy Suite Policy Builder Database Unauthenticated Access Vulnerability

Workarounds

Related Products