Intrusion Prevention

Cisco.Smart.Licensing.Utility.Static.Credential.Security.Bypass

Description

This indicates an attack attempt to exploit a Security Bypass Vulnerability in Cisco Smart Licensing Utility (CSLU).
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted request. An attacker can exploit this to gain administrator privileges in the affected system.

Affected Products

Cisco Smart License Utility from 2.0.0 to 2.2.0

Impact

Security Bypass: Remote attackers can bypass security checks of vulnerable systems.

Recommended Actions

Refer to the vendor's web site for the suggested workaround:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date	Version	Status	Detail
2025-05-20	32.010	Modified	Default_action:pass:drop
2025-05-07	32.003	New

ID	57947
Created	May 06, 2025
Updated	May 19, 2025
CVE ID
Risk
Known Exploited	Yes
Exploit Prediction Score	86.31%
Default Action	drop
Active
Affected OS	Linux
Affected App	Cisco
Profile Type	Permission/Privilege/Access Control

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Intrusion Prevention

Cisco.Smart.Licensing.Utility.Static.Credential.Security.Bypass

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Intrusion Prevention

Cisco.Smart.Licensing.Utility.Static.Credential.Security.Bypass

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Threat Intelligence
Center