A vulnerability in the Policy Builder interface of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to access the Policy Builder interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by accessing the Policy Builder interface. A successful exploit could allow the attacker to make changes to existing repositories and create new repositories. Cisco Bug IDs: CSCvi35109.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-pspb-unauth-access | Vendor Advisory |
http://www.securityfocus.com/bid/104849 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Information
Published : 2018-07-18 16:29
Updated : 2019-10-09 16:31
NVD link : CVE-2018-0376
Mitre link : CVE-2018-0376
JSON object : View
CWE
CWE-306
Missing Authentication for Critical Function
Products Affected
cisco
- mobility_services_engine
- policy_suite