CVE-2018-0377

CVE Database · CVE-2018-0377

CVE-2018-0377

· N/AModified

CVSS v3.1

N/A

EPSS

2.73%

Published

Jul 18, 2018

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18.1.0 could allow an unauthenticated, remote attacker to directly connect to the OSGi interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by directly connecting to the OSGi interface. An exploit could allow the attacker to access or change any files that are accessible by the OSGi process. Cisco Bug IDs: CSCvh18017.

Weaknesses (CWE)

CWE-306CWE-306

Affected Products (2)

cisco · mobility_services_enginevulnerable

cisco · policy_suite (up to 18.1.0)vulnerable

References (4)

http://www.securityfocus.com/bid/104850

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-ps-osgi-unauth-access

Vendor Advisory

http://www.securityfocus.com/bid/104850

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-ps-osgi-unauth-access

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs