Intrusion Prevention

Cisco.CiscoWorks.Privilege.Elevation

Description

This indicates an attacker tried to exploit a program bug in CiscoWorks to gain Administration privileges.
A bug in Cisco CiscoWorks allows the ?guest? user to change his/her account from guest to ?Admin? on the Modify and Delete Users web page.

Affected Products

CiscoWorks Common Management Foundation (CMF) 2.1 and earlier

Impact

Compromise of the affected system.

Recommended Actions

Apply appropriate patch from the vendor or upgrade to non-vulnerable version if available.

CVE References

CVE-2003-0732