
====================================================================

                              CERT-Renater

                 Information Note No. 2017/VULN148
_____________________________________________________________________

DATE                : 18/05/2017

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S):  Systems running Cisco Policy Suite (CPS) Software
                        versions 10.0.0, 10.1.0, 11.0.0.

=====================================================================
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-cps
____________________________________________________________________

Cisco Security Advisory: Cisco Policy Suite Privilege Escalation
Vulnerability

Advisory ID: cisco-sa-20170517-cps

Revision: 1.0

For Public Release: 2017 May 17 16:00 GMT

Last Updated: 2017 May 17 16:00 GMT

CVE ID(s): CVE-2017-6623

CVSS Score v(3): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

+---------------------------------------------------------------------

Summary
=======
A vulnerability in a script file that is installed as part of the Cisco
Policy Suite (CPS) Software distribution for the CPS appliance could
allow an authenticated, local attacker to escalate their privilege
level to root.

The vulnerability is due to incorrect sudoers permissions on the script
file. An attacker could exploit this vulnerability by authenticating to
the device and providing crafted user input at the CLI, using this
script file to escalate their privilege level and execute commands as
root. A successful exploit could allow the attacker to acquire
root-level privileges and take full control of the appliance. The user
has to be logged in to the device with valid credentials for a specific
set of users.

Cisco has released software updates that address this vulnerability.
There are no workarounds that address this vulnerability.
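
The class of misconfiguration described above (a sudoers rule that lets a
non-root account run a script as root) can be reviewed with a check like the
following, an added example that is not Cisco's or CERT-Renater's code. The
advisory does not publish the affected script or its sudoers entry, so the
sample rules, account names and /opt/example paths are constructed, and the
parser assumes single-line rules without aliases.

```python
import os
import re

# Constructed sample; account names and /opt/example paths are hypothetical.
SAMPLE_SUDOERS = """\
Defaults env_reset
svcuser ALL=(root) NOPASSWD: /opt/example/bin/maintenance.sh
svcuser ALL=(root) NOPASSWD: /opt/example/bin/status.sh ""
%ops ALL=(ALL) /opt/example/bin/restart.sh exampled, /opt/example/bin/collect.sh *
"""

SPEC = re.compile(r'^(\S+)\s+[^\s=]+\s*=\s*(.*)$')       # who host = commands
PREFIX = re.compile(r'^(?:\([^)]*\)\s*|[A-Z_]+:\s*)+')   # runas list and tags

def parse_rules(text):
    """Yield (who, path, args) per command; args is None if none were given."""
    for line in text.splitlines():
        m = SPEC.match(line.strip())
        if not m or m.group(1).startswith(('#', 'Defaults')) or m.group(1).endswith('_Alias'):
            continue
        for cmd in m.group(2).split(','):
            parts = PREFIX.sub('', cmd.strip()).split(None, 1)
            if parts:
                yield m.group(1), parts[0], parts[1] if len(parts) > 1 else None

def writable_by_non_root(path):
    """True if the file or its directory is not root-owned or is group/world-writable."""
    for p in (path, os.path.dirname(path)):
        try:
            st = os.stat(p)
        except OSError:
            continue  # missing paths are skipped, not reported
        if st.st_uid != 0 or st.st_mode & 0o022:  # group/other write bits
            return True
    return False

def audit(text):
    """Return (who, path, reason) for rules that let the caller steer a root command."""
    findings = []
    for who, path, args in parse_rules(text):
        if args is None:            # sudoers: no argument list means any arguments
            findings.append((who, path, "any-arguments"))
        elif '*' in args or '?' in args:
            findings.append((who, path, "wildcard-arguments"))
        if writable_by_non_root(path):
            findings.append((who, path, "writable-by-non-root"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_SUDOERS), sep="\n")
```

A finding is a prompt for manual review of the rule and the script it names,
not proof that the rule is exploitable.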

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-cps

==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================




