What is CVE-2018-15379?

CVE-2018-15379 is a vulnerability in Cisco Prime Infrastructure, classified under Permission Issues. Published 2018-10-05.

Is CVE-2018-15379 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Cisco Prime Infrastructure

CVE-2018-15379

A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. This file could allow the attacker to exec…

EPSS: 0.895 (99.6th percentile) — read the EPSS interpretation.

Affected products

Cisco Prime Infrastructure — versions n/a

Weakness classification (CWE)

CWE-275 — Permission Issues

Public proof-of-concept exploits

rapid7/metasploit-framework

References

45555 (exploit, x_refsource_EXPLOIT-DB)
20181003 Cisco Prime Infrastructure Arbitrary File Upload and Command Execution Vulnerability (x_refsource_CISCO, vendor-advisory)
105506 (vdb-entry, x_refsource_BID)
1041816 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2018-15379?: CVE-2018-15379 is a vulnerability in Cisco Prime Infrastructure, classified under Permission Issues. Published 2018-10-05.
Is CVE-2018-15379 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.