Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Cisco Policy Suite OSGi Interface Unauthenticated Access Vulnerability

cisco-sa-20180718-ps-osgi-unauth-access · Critical · Published · Updated

A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite could allow an unauthenticated, remote attacker to directly connect to the OSGi interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by directly connecting to the OSGi interface. An exploit could allow the attacker to access or change any files that are accessible by the OSGi process. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-ps-osgi-unauth-access

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2018-0377
Cisco Bug IDsCSCvh18017
CVSS ScoreBase 9.8
Base 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X
Product Names From Source
Cisco Policy Suite (CPS) Software

Related Products

Product CVE Evidence
Cisco Policy Suite (CPS) Software CVE-2018-0377 Cisco OpenVuln