   VULNERABILITY NOTE

CERT-In Vulnerability Note CIVN-2008-69
CiscoWorks Common Services Arbitrary Code Execution Vulnerability

Original Issue Date: May 30, 2008

Severity Rating: High

System Affected

  • CiscoWorks Common Services versions 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1, and 3.1.1

Overview

A vulnerability has been reported in CiscoWorks Common Services. A remote attacker could exploit this vulnerability to execute arbitrary code with elevated privileges.

Description

CiscoWorks is a web-based suite of tools that helps users manage a Cisco-based computer network. CiscoWorks Common Services (CS) is one of the components bundled in CiscoWorks, and it provides a mechanism to logically group devices together. It also provides the application infrastructure foundation that lets all existing CiscoWorks network management solutions share a common model for data storage, user login, user role definitions, user access privileges, and security protocols.

The vulnerability exists due to an unspecified error in CiscoWorks Common Services. A remote attacker could exploit this vulnerability by sending a specially crafted URL to execute arbitrary code with elevated privileges, resulting in complete system compromise.

Workaround

  • Restrict remote access to trusted hosts only by using an access list

Solution

Update to CiscoWorks Common Services version 3.2 or apply patches available at
http://www.cisco.com/pcgi-bin/tablebuild.pl/cw2000-cd-one

Vendor Information

Cisco
http://www.cisco.com/warp/public/707/cisco-sa-20080528-cw.shtml

http://tools.cisco.com/security/center/viewAlert.x?alertId=15936

References

FrSIRT
www.frsirt.com/english/advisories/2008/1687

SecurityTracker
http://www.securitytracker.com/alerts/2008/May/1020127.html

Secunia
http://secunia.com/advisories/30422/

CVE-Name
CVE-2008-2054

Disclaimer

The information provided herein is on an "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003