Rewterz Threat Alert – Australia Bushfire Donors Affected by Credit Card Skimming Attack
January 16, 2020Rewterz Threat Alert – GandCrab Malware Delivered via Malspam Campaign
January 17, 2020Rewterz Threat Alert – Australia Bushfire Donors Affected by Credit Card Skimming Attack
January 16, 2020Rewterz Threat Alert – GandCrab Malware Delivered via Malspam Campaign
January 17, 2020Severity
High
Analysis Summary
The vulnerability is due to incomplete validation and error checking for the file path when specific software is uploaded. An attacker could exploit this vulnerability by uploading malicious software using the REST API. A successful exploit could allow an attacker to escalate their privilege level to root. The attacker would need to have the administrator role on the device.
Impact
Privilege Escalation
Affected Vendors
Cisco
Affected Products
Cisco APIC Software releases earlier than 3.2(9b) and 4.1(2g)
Remediation
Please see vendor’s advisory for more details.