CVE-2018-0218 - Vulnerability Details - OpenCVE

ReportizFlow

A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain information in the affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file. Cisco Bug IDs: CSCve70616.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Cisco	Secure Access Control Server Solution Engine

Configuration 1 [-]

cpe:2.3:a:cisco:secure_access_control_server_solution_engine:5.8\(0.8\):*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/103345
http://www.securitytracker.com/id/1040470
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs1

History

Mon, 02 Dec 2024 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2018-03-08T07:00:00

Updated: 2024-12-02T20:57:22.778Z

Reserved: 2017-11-27T00:00:00

Link: CVE-2018-0218

Vulnrichment

Updated: 2024-08-05T03:21:14.530Z

NVD

Status : Modified

Published: 2018-03-08T07:29:01.003

Modified: 2024-11-21T03:37:45.400

Link: CVE-2018-0218

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Cisco Secure Access Control Server", "vendor": "n/a", "versions": [{"status": "affected", "version": "Cisco Secure Access Control Server"}]}], "datePublic": "2018-03-08T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain information in the affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file. Cisco Bug IDs: CSCve70616."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-03-10T10:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs1"}, {"name": "103345", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/103345"}, {"name": "1040470", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1040470"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2018-0218", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Secure Access Control Server", "version": {"version_data": [{"version_value": "Cisco Secure Access Control Server"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain information in the affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file. Cisco Bug IDs: CSCve70616."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200"}]}]}, "references": {"reference_data": [{"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs1", "refsource": "CONFIRM", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs1"}, {"name": "103345", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103345"}, {"name": "1040470", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040470"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:21:14.530Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs1"}, {"name": "103345", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/103345"}, {"name": "1040470", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1040470"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-12-02T18:54:35.319762Z", "id": "CVE-2018-0218", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-02T20:57:22.778Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2018-0218", "datePublished": "2018-03-08T07:00:00", "dateReserved": "2017-11-27T00:00:00", "dateUpdated": "2024-12-02T20:57:22.778Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs1", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://www.securityfocus.com/bid/103345", "name": "103345", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "http://www.securitytracker.com/id/1040470", "name": "1040470", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:21:14.530Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2018-0218", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-12-02T18:54:35.319762Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-02T18:59:29.979Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "Cisco Secure Access Control Server", "versions": [{"status": "affected", "version": "Cisco Secure Access Control Server"}]}], "datePublic": "2018-03-08T00:00:00", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs1", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://www.securityfocus.com/bid/103345", "name": "103345", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "http://www.securitytracker.com/id/1040470", "name": "1040470", "tags": ["vdb-entry", "x_refsource_SECTRACK"]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain information in the affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file. Cisco Bug IDs: CSCve70616."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2018-03-10T10:57:01"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "Cisco Secure Access Control Server"}]}, "product_name": "Cisco Secure Access Control Server"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs1", "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs1", "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/103345", "name": "103345", "refsource": "BID"}, {"url": "http://www.securitytracker.com/id/1040470", "name": "1040470", "refsource": "SECTRACK"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain information in the affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file. Cisco Bug IDs: CSCve70616."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2018-0218", "STATE": "PUBLIC", "ASSIGNER": "[email protected]"}}}}, "cveMetadata": {"cveId": "CVE-2018-0218", "state": "PUBLISHED", "dateUpdated": "2024-12-02T20:57:22.778Z", "dateReserved": "2017-11-27T00:00:00", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2018-03-08T07:00:00", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:secure_access_control_server_solution_engine:5.8\\(0.8\\):*:*:*:*:*:*:*", "matchCriteriaId": "87AA6C8D-4A96-4A79-B083-0F8DD37C69ED", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain information in the affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file. Cisco Bug IDs: CSCve70616."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz web de usuario de Cisco Secure Access Control Server en versiones anteriores a la 5.8, parche 9, podr\u00eda permitir que un atacante remoto no autenticado obtenga acceso de lectura a determinada informaci\u00f3n en el sistema afectado. La vulnerabilidad se debe a una gesti\u00f3n incorrecta de XXE (Entidades Externas XML) a la hora de analizar sint\u00e1cticamente un archivo XML. Un atacante podr\u00eda explotar esta vulnerabilidad convenciendo al administrador de un sistema afectado para que importe un archivo XML manipulado. Cisco Bug IDs: CSCve70616."}], "id": "CVE-2018-0218", "lastModified": "2024-11-21T03:37:45.400", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "[email protected]", "type": "Primary"}]}, "published": "2018-03-08T07:29:01.003", "references": [{"source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/103345"}, {"source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040470"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/103345"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040470"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs1"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-611"}], "source": "[email protected]", "type": "Primary"}]}