Cisco has patched two serious vulnerabilities in Cisco Cloud Services Platform 2100, both of which could allow a remote attacker to execute arbitrary code on a targeted system.
Both vulnerabilities affect version 2.0 of the platform and there are no workarounds to address them, so administrators are advised to update to release 2.1.0 and later to plug the holes.
What’s the problem?
Cisco Cloud Services Platform 2100 is a popular Linux Kernel-based Virtual Machine software and hardware (appliance) platform for data center network functions virtualization.
The most critical (CVE-2016-6373) of the two plugged holes resides in the web-based GUI of the platform, and arose due to insufficient sanitization of user-supplied input.
“An attacker could exploit this vulnerability by authenticating to the affected system with administrative privileges and inserting arbitrary commands. An exploit could allow the attacker to execute arbitrary commands on the host operating system with the privileges of root,” Cisco explained.
The second one (CVE-2016-6374) is a remote command execution flaw in the platform’s web interface, and is also the result of insufficient sanitization – this time of specific values received as part of a user-supplied HTTP request.
The vulnerability can be exploited by an attacker sending a malicious DNS Lookup request to the vulnerable system.
Cisco’s Product Security Incident Response Team found no evidence that the flaws are being exploited in attacks in the wild, and no public exploits for them. Nevertheless, if you’re running a vulnerable CPS, you’d better update the software as soon as possible.