
Rewterz Threat Advisory – CVE-2018-15465 – Cisco Adaptive Security Appliance Software Privilege Escalation Vulnerability

December 24, 2018

SEVERITY: Medium

CATEGORY: Vulnerability

ANALYSIS SUMMARY

This vulnerability could allow an authenticated but unprivileged (levels 0 and 1) user to perform privileged actions when command authorization is disabled on the Cisco ASA.

When command authorization is not enabled, the ASA distinguishes only between unprivileged (levels 0 and 1) and privileged (levels 2 through 15) users. Privileged (levels 2 through 15) users are expected to have full administrative access to the ASA via the web management interface, even without knowing the enable password. Command authorization is disabled on the ASA by default.

An attacker could exploit the flaw by sending specific HTTP requests via HTTPS to an affected device as an unprivileged user.

IMPACT

Remote privilege escalation: attackers can read or write files on the system, overwrite firmware, and create new users.

AFFECTED PRODUCTS

Cisco ASA 5500-X Series Firewall 9.9 (2)
Cisco ASA 9.1
Cisco ASA 9.2
Cisco ASA 9.3
Cisco ASA 9.4
Cisco ASA 9.5
Cisco ASA 9.6
Cisco ASA 9.7
Cisco ASA 9.8
Cisco ASA 9.9
Cisco ASA 9.10

REMEDIATION

Enabling command authorization prevents exploitation of this vulnerability.
The vendor has released updates/patches for this vulnerability.
Customers are advised to migrate to a supported release (9.4.4.29, 9.6.4.20, 9.8.3.18, 9.9.2.36, or 9.10.1.7).
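
The two remediation checks above (fixed release, command authorization) can be run as a Python audit over saved `show running-config` text. This is an added example, not Rewterz or Cisco code; it assumes the usual `ASA Version X.Y(Z)I` header line and the `aaa authorization command` and `http server enable` configuration lines, and the sample configs are constructed.

```python
import re

# Fixed releases named in the advisory, keyed by release train.
FIXED = {(9, 4): (9, 4, 4, 29), (9, 6): (9, 6, 4, 20), (9, 8): (9, 8, 3, 18),
         (9, 9): (9, 9, 2, 36), (9, 10): (9, 10, 1, 7)}
# Trains listed under AFFECTED PRODUCTS (9.1 through 9.10).
AFFECTED = {(9, minor) for minor in range(1, 11)}

# Assumed header format: "ASA Version 9.8(2)20" equals dotted 9.8.2.20.
VERSION_RE = re.compile(r"^ASA Version (\d+)\.(\d+)\((\d+)\)(\d+)?", re.M)
# "aaa authorization command LOCAL" or "... <server-group> [LOCAL]"; a
# line starting with "no " does not match because of the ^ anchor.
CMD_AUTHZ_RE = re.compile(r"^aaa authorization command \S+", re.M)
HTTP_RE = re.compile(r"^http server enable\b", re.M)

def version_status(version):
    """Classify a (major, minor, maint, interim) tuple against the advisory."""
    if version is None:
        return "unknown"
    train = version[:2]
    if train not in AFFECTED:
        return "train-not-listed"
    fixed = FIXED.get(train)
    if fixed is None:
        return "migrate"  # affected train with no fixed release listed
    return "fixed" if version >= fixed else "upgrade-to-" + ".".join(map(str, fixed))

def audit(config):
    """Return the advisory-relevant facts for one running-config text."""
    m = VERSION_RE.search(config)
    version = tuple(int(g or 0) for g in m.groups()) if m else None
    status = version_status(version)
    cmd_authz = bool(CMD_AUTHZ_RE.search(config))
    return {
        "version": version,
        "version_status": status,
        "command_authorization": cmd_authz,
        "web_management": bool(HTTP_RE.search(config)),  # context only
        # Exposed: release not confirmed fixed and the mitigation is absent.
        "exposed": status not in ("fixed", "train-not-listed") and not cmd_authz,
    }

# Constructed sample configs (not from a real device).
UNPATCHED = ": Saved\nASA Version 9.8(2)20\nhostname edge-fw\nhttp server enable\n"
MITIGATED = "ASA Version 9.2(4)\naaa authorization command LOCAL\nhttp server enable\n"

if __name__ == "__main__":
    for name, cfg in (("UNPATCHED", UNPATCHED), ("MITIGATED", MITIGATED)):
        print(name, audit(cfg))
```

A device reported as `migrate` with command authorization enabled is mitigated but still sits on a train for which the advisory lists no fixed release.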

 

If you think you’re a victim of a cyber-attack, immediately send an email to soc@rewterz.com for a quick response.

COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.