Detections
Analytics
Cisco Security Manager MySQL Accessible Without Authentication (cisco-sa-20090121-csm)
medium Nessus Plugin ID 69303
Language:
Synopsis
The remote database server can be accessed without a password.Description
The version of Cisco Security Manager (CSM) running on the remote host is using a vulnerable version of Cisco IPS Event Viewer (IEV). IEV is included with CSM by default. When the IEV server is accessed remotely, it opens up TCP ports that allow access to the MySQL or IEV server without authentication. A remote, unauthenticated attacker could exploit this to gain root access to the IEV database and server.Note that the MySQL service uses SSL/TLS and is not directly accessible using the official MySQL client.
Solution
Upgrade to one of the non-vulnerable versions of Cisco Security Manager listed in Cisco Security Advisory cisco-sa-20090121-csm.See Also
https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20090121-csm.html
Plugin Details
Severity: Medium
ID: 69303
File Name: cisco-sa-20090121-csm.nasl
Version: 1.7
Type: remote
Family: Databases
Published: 8/12/2013
Updated: 11/27/2019
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.2
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:cisco:security_manager
Excluded KB Items: global_settings/supplied_logins_only
Exploit Available: true
Exploit Ease: Exploits are available
Exploited by Nessus: true
Patch Publication Date: 1/21/2009
Vulnerability Publication Date: 1/21/2009
Reference Information
CVE: CVE-2008-3820
BID: 33381
CISCO-SA: cisco-sa-20090121-csm
CISCO-BUG-ID: CSCsv66897