CVE-2018-0428
MEDIUMCisco Web Security Appliance - Authenticated Privilege Escalation to Root via CLI Subshell Escape
Title source: llmDescription
A vulnerability in the account management subsystem of Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials. The vulnerability is due to improper implementation of access controls. An attacker could exploit this vulnerability by authenticating to the device as a specific user to gain the information needed to elevate privileges to root in a separate login shell. A successful exploit could allow the attacker to escape the CLI subshell and execute system-level commands on the underlying operating system as root. Cisco Bug IDs: CSCvj93548.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/105104
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1041536
Vendor Advisory vendor-advisory
x_refsource_cisco
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-escalation
Scores
CVSS v3
6.7
EPSS
0.0044
EPSS Percentile
34.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-269
CWE-284
Status
published
Products (4)
cisco/web_security_appliance
11.0.0-fcs-250
cisco/web_security_appliance
11.5.0-fcs-000
cisco/web_security_appliance
wsa10.0.0-959
cisco/web_security_appliance
wsa10.5.0-fcs-000
Published
Aug 15, 2018
Tracked Since
Feb 18, 2026