CVE-2018-15394, CVE-2018-15381: Cisco Stealthwatch Management Console & Cisco Unity Express Vulnerability

On November 7th, Cisco officially issued a security notice that it fixed two high-risk vulnerabilities in Cisco Stealthwatch Management Console and Cisco Unity Express. CVE-2018-15394, the vulnerability stems from a hidden danger in the system configuration, an unauthorized attacker can remotely bypass the verification process so that the code is executed as an administrator on the affected system. CVE-2018-15381, the vulnerability stems from the fact that the user-supplied content is deserialized without adequate filtering. An attacker could send a malicious java serialization object to the affected system RMI service to trigger the vulnerability, and execute any shell command with root privileges.

Cisco Stealthwatch Management Console Authentication Bypass Vulnerability

CVE-2018-15394

CVSS 3.0: 9.8

AV: N/AC: L/PR: N/UI: N/S: U/C: H/I: H/A: H/E: X/RL: X/RC: X

The vulnerability stems from a hidden danger in the system configuration. An unauthorized attacker can remotely bypass the verification process and execute the code as an administrator on the affected system.

Affected version

Cisco Stealthwatch Enterprise releases <= 6.10.2

Unaffected version

Cisco Stealthwatch Enterprise releases 6.10.3

Solution:

Cisco has released a new version to fix the above vulnerability, and affected users can log in here to update.

Cisco Unity Express Arbitrary Command Execution

CVE-2018-15381

CVSS 3.0: 9.8

AV: N/AC: L/PR: N/UI: N/S: U/C: H/I: H/A: H/E: X/RL: X/RC: X

The vulnerability stems from the fact that deserialization of user-provided content is not adequately filtered. An attacker could send a malicious java serialization object to the affected system RMI service to trigger the vulnerability, and execute any shell command with root privileges.

Affected version

Cisco Unity Express release < 9.0.6

Unaffected version

Cisco Unity Express release 9.0.6

Solution

Cisco has released a new version to fix the above vulnerability. Affected users can log in here to update.