Cisco Common Service Platform Collector

Cisco Common Service Platform Collector - Hardcoded Credentials

思科公共服务平台收集器-硬编码凭证(CVE-2019-1723)

https://www.info-sec.ca/advisories/Cisco-Collector.html

概述

　　“思科公共服务平台收集器(CSPC)是一个基于snmp的工具，它可以从安装在您网络上的思科设备中发现和收集信息。CSPC软件提供了广泛的收集机制来收集客户设备数据的各个方面。由收集器收集的信息用于思科提供的多个服务，如Smart Net Total Care、合作伙伴支持服务和业务关键服务。这些数据用于提供库存报告、产品警报、配置最佳实践、技术服务覆盖率、生命周期信息以及许多其他详细信息。硬件和操作系统(OS)软件的报告和分析。”

(https://www.cisco.com/c/en/us/support/cloud-systems-management/common-services-platform-collector-cspc/products-installation-guides-list.html)

问题

　　思科公共服务平台收集器(版本2.7.2到2.7.4.5以及2.8的所有版本。包含硬编码凭证。

影响

　　能够通过SSH或控制台访问收集器的攻击者可以使用硬编码凭证获得系统上的shell并执行一系列攻击。

时间轴

2019年2月14日-通过psirt@cisco.com通知思科

2019年2月14日—思科给出了一个案例编号

2019年2月18日—思科证实了这一漏洞

2019年2月20日—思科提供了一个暂定的60天时间线

2019年2月21日—就提议的时间表提供了评论

2019年3月11日—思科公司表示，该问题已经得到解决

一份安全建议将于2019年3月13日发布

解决方案

升级到公共服务平台收集器2.7.4.6或更高版本

升级到公共服务平台收集器2.8.1.2或更高版本

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190313-cspcscv

--------------------

Cisco Common Service Platform Collector - Hardcoded Credentials (CVE-2019-1723)

https://www.info-sec.ca/advisories/Cisco-Collector.html

Overview

"The Cisco Common Service Platform Collector (CSPC) is an SNMP-based tool that discovers and collects information from the Cisco devices installed on your network. The CSPC software provides an extensive collection mechanism to gather various aspects of customer device data. Information gathered by the collector is used by several Cisco Service offers, such as Smart Net Total Care, Partner Support Service, and Business Critical Services. The data is used to provide inventory reports, product alerts, configuration best practices, technical service coverage, lifecycle information, and many other detailed. reports and analytics for both the hardware and operating system (OS) software."

 (https://www.cisco.com/c/en/us/support/cloud-systems-management/common-services-platform-collector-cspc/products-installation-guides-list.html)

Issue

The Cisco Common Service Platform Collector (version 2.7.2 through 2.7.4.5 and all releases of 2.8.x prior to 2.8.1.2) contains hardcoded credentials.

Impact

An attacker able to access the collector via SSH or console could use the hardcoded credentials to gain a shell on the system and perform a range of attacks.

Timeline

February 14, 2019 - Notified Cisco via psirt@cisco.com
February 14, 2019 - Cisco assigned a case number
February 18, 2019 - Cisco confirmed the vulnerability
February 20, 2019 - Cisco provided a tentative 60 day resolution timeline
February 21, 2019 - Provided comments on the proposed timeline
March 11, 2019 - Cisco advised that the issue has been resolved and
that a security advisory will be published on March 13, 2019

Solution

Upgrade to Common Service Platform Collector 2.7.4.6 or later
Upgrade to Common Service Platform Collector 2.8.1.2 or later

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190313-cspcscv