Intrusion Prevention

Cisco.ASA.Admin.Config.File.Remote.Illegal.Access

Description

This indicates an attempt of an authenticated user without root privilege to access or to modify Admin configuration file in Cisco Product running Cisco ASA Software with web management access enabled.
Due to an design error, an authenticated user without root privilege could exploit this to gain access to admin configuration file or to modify the content of the admin configuration file to perform privilege actions in a vulnerable system.

Affected Products

Cisco Product running Cisco ASA Software with web management access enabled.

Impact

Information Disclosure: remote attackers can gain sensitive information from vulnerable systems.
Privilege Escalation: Remote attackers can leverage their privileges on vulnerable systems.

Recommended Actions

Apply the latest update from the vendor or refer to the vendor's web site for suggested workaround.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181219-asa-privesc

CVE References

CVE-2018-15465