Cisco Bug: CSCum59958 - PI grants a user default permissions, if wrong register is used to login

Last Modified

Feb 22, 2018

Products (1)

  • Cisco Prime Infrastructure

Known Affected Releases

1.4(0.45) 3.0

Description (partial)

A vulnerability in the handling of usernames in Cisco Prime Infrastructure (PI) could allow an authenticated, remote attacker with a limited-privilege account to escalate privileges to the default ones.

The vulnerability exists because PI saves usernames, and performs username string comparisons, in a case-sensitive manner. An attacker could exploit this vulnerability by typing the username in a different case combination than the one registered on PI. If PI is configured for external authentication (e.g., RADIUS or TACACS), the login will succeed but PI will assign default authorizations to the logged-in user.

PI configured for external authentication.
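
A simplified model of the flaw described above, next to one way to close it and an audit check for case-variant logins. This is an added example, not Cisco's code: the role names, the user store, the fallback role and the case-insensitive behaviour of the external server are constructed assumptions.

```python
import unicodedata

# Constructed sample data; none of these names or roles come from Prime Infrastructure.
DEFAULT_ROLE = "default-group"            # hypothetical fallback authorization
LOCAL_ROLES = {"jsmith": "read-only"}     # keyed by the username as registered
DIRECTORY = {"jsmith": "s3cret"}          # stand-in for the RADIUS/TACACS user store


def external_auth_ok(username, password):
    """Assumed behaviour: the external server matches usernames case-insensitively."""
    return DIRECTORY.get(username.lower()) == password


def login_flawed(username, password):
    """Exact-case lookup; a miss silently falls back to the default role."""
    if not external_auth_ok(username, password):
        return None
    return LOCAL_ROLES.get(username, DEFAULT_ROLE)


def canonical(username):
    """One canonical form used for both storing and comparing usernames."""
    return unicodedata.normalize("NFKC", username).casefold()


CANON_ROLES = {canonical(name): role for name, role in LOCAL_ROLES.items()}


def login_hardened(username, password):
    """Canonical lookup; an unknown user gets no role rather than the default."""
    if not external_auth_ok(username, password):
        return None
    return CANON_ROLES.get(canonical(username))


def case_variant_logins(registered, logged_in):
    """Audit check: logins that differ from a registered name only by case."""
    known = {canonical(name): name for name in registered}
    return [(seen, known[canonical(seen)]) for seen in logged_in
            if canonical(seen) in known and seen != known[canonical(seen)]]


if __name__ == "__main__":
    print(login_flawed("jsmith", "s3cret"), login_flawed("JSmith", "s3cret"))
    print(login_hardened("JSmith", "s3cret"))
    print(case_variant_logins(LOCAL_ROLES, ["jsmith", "JSmith", "admin"]))
```
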