CiscoWorks_vulnerabilities.html

Vulnerability Tutorial - CiscoWorks vulnerabilities



	*Created: 08/26/03*


	It is possible to elevate a normal user account or the default "guest" account to administrator privileges, allowing unauthorized configuration changes and the ability to create new accounts.


	CiscoWorks is a family of network management tools which facilitate access and management of the capabilities of the Cisco AVVID architecture. The CiscoWorks Common Management Foundation (CMF) provides an application infrastructure foundation for all CiscoWorks applications.


	08/26/03 CVE 2003-0731 CVE 2003-0732 The CiscoWorks CMF includes a "guest" account, which has no password by default. A privilege elevation vulnerability could allow a remote user, using this "guest" account or any normal user account, to change his or her own privilege level to those of the administrator by modifying HTTP POST variables. This could allow the attacker to perform any action on the server. CiscoWorks CD One (1st through 5th editions), Resource Manager Essentials (RME) versions 2.0, 2.1, and 2.2, and Cisco Resource Manager (CRM) versions 1.0 and 1.1 are affected by this vulnerability.


	Upgrade to CiscoWorks Common Services 2.2, or apply the patches for CMF 2.0 and 2.1 referenced in the Cisco Advisory.


	This vulnerability was reported in a Cisco Security Advisory and a Portcullis Security Advisory.