Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1795
Views
0
Helpful
1
Replies

Cisco Cloud Services Router 1000V Command Injection Vulnerability

Go to solution
fatdrag0n
Level 1
Level 1

‎12-14-2015 03:27 PM - edited ‎03-12-2019 07:20 AM

I use few csr1000v for our cloud routers in lab and production for vpn with other routers and vpc redundancy.

I use eventmanager trigger for csr GRE vpc redundanc.

Noted this bug last week:

The publish-event event-manager feature in Cisco IOS 15.5(2)S and 15.5(3)S on Cloud Services Router 1000V devices allows local users to execute arbitrary commands with root privileges by leveraging administrative access to enter crafted environment variables, aka Bug ID CSCux14943.

Is there any better solution or patch for this bug instead of not using the configuration or monitoring?

as mentioned here: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-csr

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Philip D'Ath
VIP Alumni
VIP Alumni

‎12-27-2015 12:02 PM

Does the router have any "local" users who do not already have administrative access?  If the router users already have administrative access you don't have anything to worry about.

You have to be able to actually log into the router first to be able to exploit this issue.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Philip D'Ath
VIP Alumni
VIP Alumni

‎12-27-2015 12:02 PM

Does the router have any "local" users who do not already have administrative access?  If the router users already have administrative access you don't have anything to worry about.

You have to be able to actually log into the router first to be able to exploit this issue.

0 Helpful
Customers Also Viewed These Support Documents