Application Details
Cisco Smart Software Manager On-Prem (SSM On-Prem) license server is a component of Cisco Smart Licensing. It works in conjunction with Cisco Smart Software Manager to intelligently manage customer product licenses, providing near-real-time visibility and reporting of Cisco licenses customers purchase and consume.
Vulnerability
Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow a remote attacker to gain elevated privileges on the system, caused by an improper implementation of the password-change process.
Identification
By sending specially crafted HTTP requests, an attacker could exploit this vulnerability to access the web UI or API and change the password of any user, including administrative users.
POST /backend/reset_password/generate_code
Payload:
{"uid": "admin"}
Detection
By turning this request pattern into a traffic file and a matching rule, we are able to detect attempts to change the password of any user, including administrative users.
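One way to express the request pattern above as a matcher, added here as an example and not Idappcom's own signature or traffic file: it parses a raw HTTP request, flags a POST to the reset-code endpoint shown above, and records which uid the request names. The sample requests, the host name and the PRIVILEGED_UIDS set are constructed assumptions.

```python
import json
from typing import Optional
from urllib.parse import urlsplit

# Endpoint named in this advisory. Matching on the normalised URL path
# (query string and trailing slash removed) keeps the rule simple and robust.
RESET_CODE_PATH = "/backend/reset_password/generate_code"

# Assumed set of privileged account names; adjust to the deployment.
PRIVILEGED_UIDS = {"admin"}

def parse_http_request(raw: str) -> dict:
    """Split a raw HTTP/1.x request into method, path, headers and body."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return {"method": method, "path": urlsplit(target).path,
            "headers": headers, "body": body}

def check_reset_code_request(raw: str) -> Optional[dict]:
    """Return a finding for a POST to the reset-code endpoint, else None."""
    req = parse_http_request(raw)
    if req["method"] != "POST" or req["path"].rstrip("/") != RESET_CODE_PATH:
        return None
    try:  # a malformed body is still worth flagging, just without a uid
        payload = json.loads(req["body"]) if req["body"].strip() else {}
    except json.JSONDecodeError:
        payload = {}
    uid = payload.get("uid") if isinstance(payload, dict) else None
    return {"rule": "ssm-onprem-reset-code-request",
            "host": req["headers"].get("host", ""),
            "target_uid": uid,
            "severity": "high" if uid in PRIVILEGED_UIDS else "medium"}

# Constructed sample requests (not captured traffic).
SAMPLE_RESET = ("POST /backend/reset_password/generate_code HTTP/1.1\r\n"
                "Host: ssm.example.internal\r\n"
                "Content-Type: application/json\r\n\r\n"
                '{"uid": "admin"}')
SAMPLE_BENIGN = "GET /backend/status HTTP/1.1\r\nHost: ssm.example.internal\r\n\r\n"

if __name__ == "__main__":
    for sample in (SAMPLE_RESET, SAMPLE_BENIGN):
        print(check_reset_code_request(sample))
```

Any hit on this endpoint should be reviewed against the expected password-reset workflow, not only those naming a privileged account.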
Coverage
Idappcom has created signature 8025220 along with a traffic file for this vulnerability.
References
Traffic IQ
If you are concerned that your business may be at risk from this vulnerability or others, why not try out our Traffic IQ software, which can scan your defences and report any issues. Learn more here: https://www.idappcom.co.uk/traffic-iq-professional