CVE-2018-15394

Name of the Vulnerable Software and Affected Versions Stealthwatch Management Console (SMC) of Cisco Stealthwatch Enterprise (affected versions not specified)

Description The issue is related to insufficient access control in the Stealthwatch Management Console, allowing a remote attacker to bypass authentication and execute arbitrary actions with administrative privileges. This is due to an insecure system configuration. An attacker can exploit this by sending a crafted HTTP request to the targeted application, potentially gaining unauthenticated access and resulting in elevated privileges in the SMC.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.