CVE-2018-0218 - A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5

CVE-2018-0218

Summary

A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain information in the affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file. Cisco Bug IDs: CSCve70616.

References

Vulnerable Configurations

cpe:2.3:a:cisco:secure_access_control_server_solution_engine:5.8\(0.8\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_access_control_server_solution_engine:5.8\(0.8\):*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 04-09-2020 - 17:58)
Impact:
Exploitability:

CWE

CWE-611

CAPEC

XML External Entities Blowup
This attack takes advantage of the entity replacement property of XML where the value of the replacement is a URI. A well-crafted XML document could have the entity refer to a URI that consumes a large amount of resources to create a denial of service condition. This can cause the system to either freeze, crash, or execute arbitrary code depending on the URI.

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:N/A:N

refmap via4

bid	103345
confirm	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs1
sectrack	1040470

Last major update

04-09-2020 - 17:58

Published

08-03-2018 - 07:29

Last modified

04-09-2020 - 17:58