Volerion logoVolerion
Volerion logoVolerion

Cisco Secure Network Analytics Privilege Escalation Vulnerability

Vulnerability

A vulnerability exists in the web-based management interface of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager. It allows an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating system. This issue arises from insufficient input validation in certain fields of the management interface. An attacker could exploit this vulnerability by sending crafted input to an affected device, leading to unauthorized command execution with root privileges.

Impact

Exploitation of this vulnerability could result in unauthorized access and execution of commands with root privileges on the affected system.

Remediation

Cisco has released software updates to address this vulnerability. Users can upgrade to Cisco Secure Network Analytics releases 7.4.2, 7.5.0 (SMC ROLLUP20250408-01), 7.5.1 (SMC ROLLUP20250415-01), or 7.5.2 (SMC ROLLUP20250416-01).

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
2.6
impact
10.0
exploitability
4.4
remediation
7.7
relevance
0.0
threat
0.0
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.