A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow an attacker to access the web UI or API with the privileges of the compromised user.
The vulnerability results from improper implementation of the password change process in the SSM On-Prem system. An attacker can send properly crafted HTTP requests to the vulnerable device without any prior authentication. Successful exploitation of the vulnerability allows changing the password of a selected user, and then logging into the web interface or API with the privileges of the compromised account.
An attacker can gain full access to the SSM On-Prem web interface or API with privileges of any arbitrarily selected user, including administrative accounts, resulting in complete system takeover.
Apply patches available from the vendor in accordance with references published in Cisco Security Advisory (cisco-sa-cssm-auth-sLw3uhUy). Until updates are applied, it is recommended to restrict network access to the SSM On-Prem web interface and API only to trusted hosts.
Cisco Smart Software Manager On-Prem (SSM On-Prem) — specific versions indicated in vendor references
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HCisco Smart Software Manager On Prem
APPCisco< 8-202112
Related vulnerabilities
RCE z uprawnieniami root w Cisco Smart Software Manager On-Prem
A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an u...
A vulnerability in the application programming interface (API) of Cisco Smart Software Manager On-Prem could a...
A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote att...
A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local attacker to acce...