Reference: CERT-EU Security Advisory 2013-0061
Title: Authenticated Command Injection Vulnerability in Multiple Cisco Content Network and Video Delivery Products
Version history: 02.08.2013 Initial publication

Summary
=======
Multiple Cisco content network and video delivery products contain a vulnerability when they are configured to run in central management mode. This vulnerability could allow an authenticated but unprivileged, remote attacker to execute arbitrary code on the affected system and on the devices managed by the affected system.

CVSS Base Score - 9.0
CVSS Temporal Score - 7.4

Affected Products and Versions:
==============================
The following products running a vulnerable version of code are affected by this vulnerability:

Cisco Wide Area Application Services (WAAS)
  Cisco WAAS Software configured as Central Manager (CM) and running on the following platforms:
    Cisco WAAS Appliances
    Cisco Virtual WAAS (vWAAS)
    Cisco WAAS Modules

Cisco Application and Content Networking System (ACNS)
  Cisco ACNS Software configured as Content Distribution Manager (CDM) and running on the following platforms:
    Cisco Wide Application Engine (WAE)
    Cisco ACNS Network Modules

Cisco Enterprise Content Delivery System (ECDS)
  Cisco ECDS Software configured as Content Delivery System Manager (CDSM) and running on the following platforms:
    Cisco Media Delivery Engine 50 WVB
    Cisco Media Delivery Engine 1100
    Cisco Media Delivery Engine 3100

Cisco Internet Streamer Content Delivery System (CDS-IS)
  Cisco CDS-IS Software configured as Internet Streaming Content Delivery System Manager (CDSM) and running on the following platforms:
    Cisco Content Delivery Engine (CDE)
    Cisco Unified Computing System (UCS)

Cisco VideoScape Delivery System for Internet Streamer (VDS-IS)
  Cisco VDS-IS Software configured as Internet Streaming Content Delivery System Manager (CDSM) and running on the following platforms:
    Cisco Content Delivery Engine (CDE)
    Cisco Unified Computing System (UCS)

Cisco Videoscape Distribution Suite Service Broker (VDS-SB)
  Cisco VDS-SB Software configured as Videoscape Delivery Suite Service Manager (VDSM) and running on the following platform:
    Cisco Unified Computing System (UCS)

Cisco Videoscape Distribution Suite Optimization Engine (VDS-OE)
  Cisco VDS-OE Software configured as Content Delivery Service Manager (VDSM) and running on the following platform:
    Cisco Unified Computing System (UCS)

Cisco VideoScape Delivery System Origin Server (VDS-OS)
  Cisco VOS Software configured as Virtual Origin System Manager (VOSM) and running on the following platform:
    Cisco Unified Computing System (UCS)

Original details:
================
A vulnerability in the web framework could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of the affected system, as well as on the underlying operating system of the devices associated with and managed by the affected system. The vulnerability is due to a failure to properly sanitize user input that is subsequently used to perform an action through the underlying command-line interface of the device. An authenticated but unprivileged attacker could exploit this vulnerability by logging in to the GUI of the affected system and appending arbitrary code to some of the values passed to the system.

Note: Only devices running in management mode are affected by this vulnerability.

What can you do?
================
Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available [1][2].

What to tell your users?
========================
N/A

More information
================
[1] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-cm

Best regards,
CERT-EU (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383
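The bug class described under "Original details" (a management GUI value concatenated into an OS command) is illustrated by the following added example, which is not code from the advisory or from Cisco. It assumes a hypothetical hostname field forwarded to a `ping` command; it tokenizes the concatenated string the way a POSIX shell would (without executing anything) to show how an unsanitized value crosses a command boundary, and shows the hardened pattern: an allowlist check plus an argument vector passed with `shell=False`.

```python
import re
import shlex
from typing import List

# Constructed sample values of the kind a management GUI forwards to a device CLI.
BENIGN_HOST = "wae-edge-01.example.net"
HOSTILE_HOST = "wae-edge-01.example.net; echo injected"

# Allowlist for a hostname-like field: letters, digits, dots and hyphens only,
# starting and ending with an alphanumeric character (hypothetical policy).
_HOSTNAME_RE = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9.-]{0,252}[A-Za-z0-9])?")


def validate_hostname(value: str) -> bool:
    """Positive allowlist check: anything outside the pattern is rejected outright."""
    return _HOSTNAME_RE.fullmatch(value) is not None


def shell_tokens(value: str) -> List[str]:
    """Tokenize the string the vulnerable pattern would hand to a shell
    ("ping -c 1 " + value) the way a POSIX shell would, without running it.
    Control operators such as ';', '|' and '&' come out as their own tokens."""
    lexer = shlex.shlex("ping -c 1 " + value, posix=True, punctuation_chars=True)
    return list(lexer)


def crosses_command_boundary(value: str) -> bool:
    """True when the value would not remain the single fourth word of the
    intended command, i.e. the shell would see extra words or an operator."""
    return shell_tokens(value) != ["ping", "-c", "1", value]


def build_argv(value: str) -> List[str]:
    """Hardened form: validate first, then build an argument vector meant for
    subprocess.run(argv, shell=False). No shell parses the value, so whatever
    it contains can only ever be argv[3] of the intended program."""
    if not validate_hostname(value):
        raise ValueError("rejected host value: %r" % value)
    return ["ping", "-c", "1", value]
```

The same two checks apply to any field a management console relays to a device CLI: reject by allowlist before use, and never build the command as a string for a shell.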