Cisco Bug: CSCut39264 - tcp_stream allows writing to any file as root
Feb 09, 2017
- Cisco Web Security Appliance
Known Affected Releases
Symptom: A vulnerability in the backend Packet Capture Utility of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to modify contents within certain files. The vulnerability is due to insufficient write restrictions of output files to a safe directory. An attacker could exploit this vulnerability by first successfully implementing a command injection attack in order to write an arbitrary output file. An exploit could allow the attacker to write to any file. Conditions: Device configured with default configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases