Home Unlabelled Cisco Policy Suite Graphite Unauthenticated Read-Only Access Vulnerability

Cisco Policy Suite Graphite Unauthenticated Read-Only Access Vulnerability

By
Wednesday, January 09, 2019
Read
Add Comment

A vulnerability in the Graphite web interface of the Policy and Charging Rules Function (PCRF) of Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access the Graphite web interface. The attacker would need to have access to the internal VLAN where CPS is deployed.

The vulnerability is due to lack of authentication. An attacker could exploit this vulnerability by directly connecting to the Graphite web interface. An exploit could allow the attacker to access various statistics and Key Performance Indicators (KPIs) regarding the Cisco Policy Suite environment.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cps-graphite-access


Security Impact Rating: Medium
CVE: CVE-2018-15466

from Cisco Security Advisory http://bit.ly/2AEz0iE
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us