Cisco IOS XE
cpe:2.3:a:cisco:ios_xe:*:*:*:*:*:*:*, +1 more
A vulnerability exists in the Lobby Ambassador web-based management API of Cisco IOS XE Software. It allows an authenticated, remote attacker to elevate privileges and access management APIs typically unavailable to Lobby Ambassador users. This issue arises because the API endpoint does not adequately validate received parameters. An attacker could exploit this by authenticating as a Lobby Ambassador user and sending a crafted HTTP request to an affected device. Successful exploitation could enable the attacker to create a new user with privilege level 1 access to the web-based management API, allowing access to the device with these new credentials and privileges.
Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a user to access restricted management APIs and functionalities.
Cisco has released software updates to address this vulnerability. For guidance on upgrading to a fixed software release, consult the Cisco IOS and IOS XE Software Security Advisory Bundled Publication or use the Cisco Software Checker tool to identify the earliest release that fixes this vulnerability.
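The defect class the advisory describes, a management endpoint reachable by a restricted role that trusts the parameters it receives instead of authorizing on the caller's session, is easiest to see beside its hardened form. The following is an added, hypothetical Python model written for this page; it is not Cisco IOS XE code and makes no claim about how the affected API is implemented. The endpoint paths (`/api/users/create`, `/api/guest/create`, `/api/guest/list`), the parameter names, the role labels, the allowlist and the access-log format are all constructed for the example. It also shows the matching detection check a defender would run over access logs: any Lobby Ambassador session calling an endpoint outside its allowlist is worth an alert whatever status code came back.

```python
from dataclasses import dataclass, field

# Constructed role labels for the example (assumption, not device-specific values).
ROLE_LOBBY_AMBASSADOR = "lobby_ambassador"
ROLE_ADMIN = "admin"

# Constructed allowlist: the only endpoints a Lobby Ambassador session may call.
LOBBY_AMBASSADOR_ALLOWED = frozenset({"/api/guest/create", "/api/guest/list"})


@dataclass
class Session:
    username: str
    role: str          # bound at login; never derived from request content


@dataclass
class Request:
    path: str
    params: dict


@dataclass
class Device:
    users: dict = field(default_factory=dict)    # username -> privilege level
    guests: list = field(default_factory=list)


def handle_insecure(session, request, device):
    """Vulnerable pattern: the endpoint only checks that parameters are present
    and stores them as sent. Which role may call it is enforced nowhere on the
    server; the restricted web UI simply never shows the link."""
    if request.path == "/api/users/create":
        if "username" not in request.params or "privilege" not in request.params:
            return 400, "missing parameter"
        device.users[request.params["username"]] = request.params["privilege"]
        return 200, "created"
    if request.path == "/api/guest/create":
        device.guests.append(request.params.get("name"))
        return 200, "guest created"
    return 404, "not found"


def handle_hardened(session, request, device):
    """Hardened pattern: (1) a restricted role is confined to an allowlist before
    any handler runs, (2) the handler authorizes on the session's role, and
    (3) every parameter is validated for type and range, not just presence."""
    if session.role == ROLE_LOBBY_AMBASSADOR and request.path not in LOBBY_AMBASSADOR_ALLOWED:
        return 403, "forbidden"
    if request.path == "/api/users/create":
        if session.role != ROLE_ADMIN:
            return 403, "forbidden"
        username = request.params.get("username")
        privilege = request.params.get("privilege")
        if not isinstance(username, str) or not username.isalnum():
            return 400, "invalid username"
        if not isinstance(privilege, int) or not 0 <= privilege <= 15:
            return 400, "invalid privilege"
        device.users[username] = privilege
        return 200, "created"
    if request.path == "/api/guest/create":
        name = request.params.get("name")
        if not isinstance(name, str) or not name.isalnum():
            return 400, "invalid guest name"
        device.guests.append(name)
        return 200, "guest created"
    return 404, "not found"


# Constructed access-log lines (not real device output) in the form
# "<user> <role> <method> <path> <status>".
SAMPLE_LOG = """\
guestdesk lobby_ambassador POST /api/guest/create 200
guestdesk lobby_ambassador POST /api/users/create 200
netadmin admin POST /api/users/create 200
guestdesk lobby_ambassador GET /api/guest/list 200
"""


def find_out_of_scope_calls(log_text):
    """Return (user, path, status) for each Lobby Ambassador request that hit an
    endpoint outside the allowlist, regardless of whether the server accepted it."""
    hits = []
    for line in log_text.splitlines():
        user, role, _method, path, status = line.split()
        if role == ROLE_LOBBY_AMBASSADOR and path not in LOBBY_AMBASSADOR_ALLOWED:
            hits.append((user, path, int(status)))
    return hits


if __name__ == "__main__":
    ambassador = Session("guestdesk", ROLE_LOBBY_AMBASSADOR)
    req = Request("/api/users/create", {"username": "newuser", "privilege": 1})
    print("insecure:", handle_insecure(ambassador, req, Device()))
    print("hardened:", handle_hardened(ambassador, req, Device()))
    print("log hits:", find_out_of_scope_calls(SAMPLE_LOG))
```

The allowlist check runs before any endpoint logic so that a new or forgotten endpoint is denied to the restricted role by default; the per-endpoint role check and the parameter validation then cover the remaining cases. The log check reuses the same allowlist, so enforcement and detection cannot drift apart.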