Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability

A privilege escalation vulnerability has been identified in Cisco Catalyst Center Virtual Appliance running on VMware ESXi. This vulnerability allows an authenticated, remote attacker to elevate privileges to Administrator. The issue arises from inadequate validation of user-supplied input, enabling attackers to exploit it by sending crafted HTTP requests. Successful exploitation could lead to unauthorized modifications on the system, such as creating new user accounts or elevating privileges for existing accounts. To exploit this vulnerability, an attacker must have valid credentials for a user account with at least the Observer role.

Impact

Exploitation of this vulnerability could allow an attacker to gain Administrator privileges on the affected system, enabling unauthorized modifications, including the creation of new user accounts or elevation of privileges for existing accounts.

Remediation

Users are advised to upgrade to Cisco Catalyst Center releases 2.3.7.10-VA or 3.1, as versions earlier than 2.3.7.3-VA are not vulnerable. Instructions for obtaining the fixed software are available on the Cisco Support and Downloads page.