Intrusion PreventionCisco.Security.Manager.SecretService.Insecure.Deserialization
Description
This indicates an attack attempt to exploit an Input Validation Error Vulnerability in Cisco Systems Cisco Security Manager (CSM).
The vulnerability is due to insufficient validation of requests to SecretService.jsp. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted serialized object. Successful exploitation can result in arbitrary code execution as root.
Affected Products
Cisco Systems Cisco Security Manager (CSM) 4.22 and prior
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csm-java-rce-mWJEedcD
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2021-01-27 | 17.006 | Sig Added |
| 2021-01-27 | 17.006 | Default_action:pass:drop |
| 2021-01-21 | 17.004 | Sig Added |
| 2020-12-29 | 16.987 | Sig Added |
| 2020-12-15 | 16.980 |
| ID | 49658 |
| Created | Dec 07, 2020 |
| Updated | Jul 14, 2021 |
| Risk |
|
| CVE ID | CVE-2020-27131 |
| Exploit Prediction Score | 93.24% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Cisco |