PT-2017-17193 · Cisco · Cisco Policy Suite
Published: 2017-05-18 · Updated: 2019-10-09 · CVE-2017-6623
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Cisco Policy Suite (CPS) Software versions 10.0.0, 10.1.0, 11.0.0
Description
A vulnerability in a script file installed as part of the Cisco Policy Suite (CPS) Software distribution could allow an authenticated, local attacker to escalate their privilege level to root. The vulnerability is due to incorrect sudoers permissions on the script file. An attacker could exploit it by authenticating to the device, providing crafted user input at the CLI, and using the script file to escalate their privilege level and execute commands as root. A successful exploit could allow the attacker to acquire root-level privileges and take full control of the appliance. The attacker must be logged in to the device with valid credentials for a specific set of users.
Recommendations
For Cisco Policy Suite (CPS) Software versions 10.0.0, 10.1.0, or 11.0.0, consider restricting access to the vulnerable script file until a patch is available.
As a temporary workaround, consider disabling the script file to prevent privilege escalation until a fix is applied.
Restrict access to the CLI for users who do not need it to minimize the risk of exploitation.
Fix
Improper Privilege Management
Related Identifiers
Affected Products
Cisco Policy Suite