CVE-2018-15439: Cisco Small Business Switches Vulnerable

Cisco Small Business Switches are vulnerable to a remote attack where commands with admin privileges can be executed. The vulnerability is tracked under CVE-2018-15439, and it could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device, and execute commands. As of now, the vulnerability hasn’t been fixed, but there is an available workaround.

CVE-2018-15439 Technical Overview

The very first question to ask is whether this vulnerability exists. It appears that, under “specific circumstances”, the affected software enables a privileged user accounts, and does so without alerting the administrator, Cisco explains in the official advisory.

In case of an exploit, the attacker can use the privileged account to log into affected devices and execute various commands with full administrative rights.

The next question to ask is what products are affected by CVE-2018-15439, and here is the list:

– Cisco Small Business 200 Series Smart Switches
– Cisco Small Business 300 Series Managed Switches
– Cisco Small Business 500 Series Stackable Managed Switches
– Cisco 250 Series Smart Switches
– Cisco 350 Series Managed Switches
– Cisco 350X Series Stackable Managed Switches
– Cisco 550X Series Stackable Managed Switches

CVE-2018-15439 : Workaround

The workaround for the vulnerability acquires adding at least one user account with access privilege set to level 15 in the device configuration, Cisco says.

So, you should know how to configure such an account, and here are the steps.

You should use admin as user ID, set the access privilege to level 15, and define the password by replacing with a complex password specifically created for the case. Please note that by adding this user account, the default privileged account will be disabled.

Switch# configure terminal
Switch(config)# username admin privilege 15 password

The command show running-config | include privilege 15 will now produce the following output:

Switch# show running-config | include privilege 15
username admin password encrypted privilege 15

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me: