All the vulnerabilites related to cisco - encs_5400
cve-2019-1850
Vulnerability from cvelistv5
Published
2019-08-21 18:10
Modified
2024-11-20 17:12
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. An attacker would need to have valid administrator credentials on the device. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker with elevated privileges could exploit this vulnerability by sending crafted commands to the administrative web management interface of the affected software. A successful exploit could allow the attacker to inject and execute arbitrary, system-level commands with root privileges on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1850 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Unified Computing System E-Series Software (UCSE) |
Version: unspecified < 3.0(4k) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1850"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1850",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:52:41.663083Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:12:38.937Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Computing System E-Series Software (UCSE)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "3.0(4k)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. An attacker would need to have valid administrator credentials on the device. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker with elevated privileges could exploit this vulnerability by sending crafted commands to the administrative web management interface of the affected software. A successful exploit could allow the attacker to inject and execute arbitrary, system-level commands with root privileges on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T18:10:12",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1850"
}
],
"source": {
"advisory": "cisco-sa-20190821-imc-cmdinj-1850",
"defect": [
[
"CSCvn20998",
"CSCvq09455"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Integrated Management Controller Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-08-21T16:00:00-0700",
"ID": "CVE-2019-1850",
"STATE": "PUBLIC",
"TITLE": "Cisco Integrated Management Controller Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Unified Computing System E-Series Software (UCSE)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "3.0(4k)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. An attacker would need to have valid administrator credentials on the device. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker with elevated privileges could exploit this vulnerability by sending crafted commands to the administrative web management interface of the affected software. A successful exploit could allow the attacker to inject and execute arbitrary, system-level commands with root privileges on an affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.2",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190821 Cisco Integrated Management Controller Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1850"
}
]
},
"source": {
"advisory": "cisco-sa-20190821-imc-cmdinj-1850",
"defect": [
[
"CSCvn20998",
"CSCvq09455"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1850",
"datePublished": "2019-08-21T18:10:12.499597Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:12:38.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1865
Vulnerability from cvelistv5
Published
2019-08-21 18:15
Modified
2024-11-20 17:12
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by invoking an interface monitoring mechanism with a crafted argument on the affected software. A successful exploit could allow the attacker to inject and execute arbitrary, system-level commands with root privileges on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1865 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Unified Computing System E-Series Software (UCSE) |
Version: unspecified < 2.0(13o) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1865"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1865",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:52:26.018979Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:12:05.135Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Computing System E-Series Software (UCSE)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "2.0(13o)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by invoking an interface monitoring mechanism with a crafted argument on the affected software. A successful exploit could allow the attacker to inject and execute arbitrary, system-level commands with root privileges on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T18:15:18",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1865"
}
],
"source": {
"advisory": "cisco-sa-20190821-imc-cmdinj-1865",
"defect": [
[
"CSCvn20993"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Integrated Management Controller Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-08-21T16:00:00-0700",
"ID": "CVE-2019-1865",
"STATE": "PUBLIC",
"TITLE": "Cisco Integrated Management Controller Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Unified Computing System E-Series Software (UCSE)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "2.0(13o)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by invoking an interface monitoring mechanism with a crafted argument on the affected software. A successful exploit could allow the attacker to inject and execute arbitrary, system-level commands with root privileges on an affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190821 Cisco Integrated Management Controller Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1865"
}
]
},
"source": {
"advisory": "cisco-sa-20190821-imc-cmdinj-1865",
"defect": [
[
"CSCvn20993"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1865",
"datePublished": "2019-08-21T18:15:18.639880Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:12:05.135Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1883
Vulnerability from cvelistv5
Published
2019-08-21 18:20
Modified
2024-11-20 17:11
Severity ?
EPSS score ?
Summary
A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input on the command-line interface. An attacker could exploit this vulnerability by authenticating with read-only privileges via the CLI of an affected device and submitting crafted input to the affected commands. A successful exploit could allow an attacker to execute arbitrary commands on the device with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-cimc-cli-inject | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Unified Computing System E-Series Software (UCSE) |
Version: unspecified < 3.0(4k) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:35:50.734Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller CLI Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-cimc-cli-inject"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1883",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:52:15.679102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:11:30.718Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Computing System E-Series Software (UCSE)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "3.0(4k)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input on the command-line interface. An attacker could exploit this vulnerability by authenticating with read-only privileges via the CLI of an affected device and submitting crafted input to the affected commands. A successful exploit could allow an attacker to execute arbitrary commands on the device with root privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T18:20:38",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller CLI Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-cimc-cli-inject"
}
],
"source": {
"advisory": "cisco-sa-20190821-cimc-cli-inject",
"defect": [
[
"CSCvo35996"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Integrated Management Controller CLI Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-08-21T16:00:00-0700",
"ID": "CVE-2019-1883",
"STATE": "PUBLIC",
"TITLE": "Cisco Integrated Management Controller CLI Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Unified Computing System E-Series Software (UCSE)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "3.0(4k)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input on the command-line interface. An attacker could exploit this vulnerability by authenticating with read-only privileges via the CLI of an affected device and submitting crafted input to the affected commands. A successful exploit could allow an attacker to execute arbitrary commands on the device with root privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.0",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190821 Cisco Integrated Management Controller CLI Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-cimc-cli-inject"
}
]
},
"source": {
"advisory": "cisco-sa-20190821-cimc-cli-inject",
"defect": [
[
"CSCvo35996"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1883",
"datePublished": "2019-08-21T18:20:38.194916Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:11:30.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1871
Vulnerability from cvelistv5
Published
2019-08-21 18:15
Modified
2024-11-20 17:12
Severity ?
EPSS score ?
Summary
A vulnerability in the Import Cisco IMC configuration utility of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and implement arbitrary commands with root privileges on an affected device. The vulnerability is due to improper bounds checking by the import-config process. An attacker could exploit this vulnerability by sending malicious packets to an affected device. When the packets are processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to implement arbitrary code on the affected device with elevated privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-bo | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Unified Computing System (Management Software) |
Version: unspecified < 3.0(4k) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-bo"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1871",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:52:28.002599Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:12:13.465Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Computing System (Management Software)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "3.0(4k)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Import Cisco IMC configuration utility of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and implement arbitrary commands with root privileges on an affected device. The vulnerability is due to improper bounds checking by the import-config process. An attacker could exploit this vulnerability by sending malicious packets to an affected device. When the packets are processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to implement arbitrary code on the affected device with elevated privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T18:15:13",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-bo"
}
],
"source": {
"advisory": "cisco-sa-20190821-imc-bo",
"defect": [
[
"CSCvo36122"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Integrated Management Controller Buffer Overflow Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-08-21T16:00:00-0700",
"ID": "CVE-2019-1871",
"STATE": "PUBLIC",
"TITLE": "Cisco Integrated Management Controller Buffer Overflow Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Unified Computing System (Management Software)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "3.0(4k)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Import Cisco IMC configuration utility of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and implement arbitrary commands with root privileges on an affected device. The vulnerability is due to improper bounds checking by the import-config process. An attacker could exploit this vulnerability by sending malicious packets to an affected device. When the packets are processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to implement arbitrary code on the affected device with elevated privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.2",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190821 Cisco Integrated Management Controller Buffer Overflow Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-bo"
}
]
},
"source": {
"advisory": "cisco-sa-20190821-imc-bo",
"defect": [
[
"CSCvo36122"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1871",
"datePublished": "2019-08-21T18:15:13.566393Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:12:13.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12646
Vulnerability from cvelistv5
Published
2019-09-25 20:00
Modified
2024-11-19 18:56
Severity ?
EPSS score ?
Summary
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of transient SIP packets on which NAT is performed on an affected device. An attacker could exploit this vulnerability by using UDP port 5060 to send crafted SIP packets through an affected device that is performing NAT for SIP packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-alg | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco IOS XE Software |
Version: unspecified < 3.2.11aSG |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:39.257Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190925 Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-alg"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-12646",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:23:07.211603Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T18:56:44.931Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "3.2.11aSG",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of transient SIP packets on which NAT is performed on an affected device. An attacker could exploit this vulnerability by using UDP port 5060 to send crafted SIP packets through an affected device that is performing NAT for SIP packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-25T20:00:16",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190925 Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-alg"
}
],
"source": {
"advisory": "cisco-sa-20190925-sip-alg",
"defect": [
[
"CSCvn65912"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-09-25T16:00:00-0700",
"ID": "CVE-2019-12646",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "3.2.11aSG"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of transient SIP packets on which NAT is performed on an affected device. An attacker could exploit this vulnerability by using UDP port 5060 to send crafted SIP packets through an affected device that is performing NAT for SIP packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190925 Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-alg"
}
]
},
"source": {
"advisory": "cisco-sa-20190925-sip-alg",
"defect": [
[
"CSCvn65912"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-12646",
"datePublished": "2019-09-25T20:00:16.150020Z",
"dateReserved": "2019-06-04T00:00:00",
"dateUpdated": "2024-11-19T18:56:44.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1863
Vulnerability from cvelistv5
Published
2019-08-21 18:15
Modified
2024-11-21 19:15
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to make unauthorized changes to the system configuration. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow a user with read-only privileges to change critical system configurations using administrator privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-privilege | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Unified Computing System E-Series Software (UCSE) |
Version: unspecified < 2.0(13o) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:43.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-privilege"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1863",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:57:15.263803Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:15:47.750Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Computing System E-Series Software (UCSE)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "2.0(13o)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to make unauthorized changes to the system configuration. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow a user with read-only privileges to change critical system configurations using administrator privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T18:15:28",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-privilege"
}
],
"source": {
"advisory": "cisco-sa-20190821-imc-privilege",
"defect": [
[
"CSCvn21011"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Integrated Management Controller Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-08-21T16:00:00-0700",
"ID": "CVE-2019-1863",
"STATE": "PUBLIC",
"TITLE": "Cisco Integrated Management Controller Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Unified Computing System E-Series Software (UCSE)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "2.0(13o)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to make unauthorized changes to the system configuration. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow a user with read-only privileges to change critical system configurations using administrator privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190821 Cisco Integrated Management Controller Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-privilege"
}
]
},
"source": {
"advisory": "cisco-sa-20190821-imc-privilege",
"defect": [
[
"CSCvn21011"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1863",
"datePublished": "2019-08-21T18:15:28.776867Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:15:47.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1864
Vulnerability from cvelistv5
Published
2019-08-21 18:15
Modified
2024-11-20 17:11
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to insufficient validation of command input by the affected software. An attacker could exploit this vulnerability by sending malicious commands to the web-based management interface of the affected software. A successful exploit could allow the attacker, with read-only privileges, to inject and execute arbitrary, system-level commands with root privileges on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1864 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Unified Computing System E-Series Software (UCSE) |
Version: unspecified < 2.0(13o) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1864"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1864",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:52:23.399396Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:11:55.287Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Computing System E-Series Software (UCSE)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "2.0(13o)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to insufficient validation of command input by the affected software. An attacker could exploit this vulnerability by sending malicious commands to the web-based management interface of the affected software. A successful exploit could allow the attacker, with read-only privileges, to inject and execute arbitrary, system-level commands with root privileges on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T18:15:23",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1864"
}
],
"source": {
"advisory": "cisco-sa-20190821-imc-cmdinj-1864",
"defect": [
[
"CSCvn21003"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Integrated Management Controller Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-08-21T16:00:00-0700",
"ID": "CVE-2019-1864",
"STATE": "PUBLIC",
"TITLE": "Cisco Integrated Management Controller Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Unified Computing System E-Series Software (UCSE)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "2.0(13o)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to insufficient validation of command input by the affected software. An attacker could exploit this vulnerability by sending malicious commands to the web-based management interface of the affected software. A successful exploit could allow the attacker, with read-only privileges, to inject and execute arbitrary, system-level commands with root privileges on an affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190821 Cisco Integrated Management Controller Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1864"
}
]
},
"source": {
"advisory": "cisco-sa-20190821-imc-cmdinj-1864",
"defect": [
[
"CSCvn21003"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1864",
"datePublished": "2019-08-21T18:15:23.313073Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:11:55.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20228
Vulnerability from cvelistv5
Published
2023-08-16 20:59
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information.
References
Impacted products
| Vendor | Product | Version | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Cisco Identity Services Engine Software |
Version: N/A |
||||||||
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:35.864Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-cimc-xss-UMYtYEtr",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-UMYtYEtr"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Identity Services Engine Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"product": "Cisco Unified Computing System (Standalone)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1(1d)"
},
{
"status": "affected",
"version": "3.1(2b)"
},
{
"status": "affected",
"version": "3.1(2c)"
},
{
"status": "affected",
"version": "3.1(2d)"
},
{
"status": "affected",
"version": "3.1(2e)"
},
{
"status": "affected",
"version": "3.1(2g)"
},
{
"status": "affected",
"version": "3.1(2i)"
},
{
"status": "affected",
"version": "3.1(3a)"
},
{
"status": "affected",
"version": "3.1(3b)"
},
{
"status": "affected",
"version": "3.1(3c)"
},
{
"status": "affected",
"version": "3.1(3d)"
},
{
"status": "affected",
"version": "3.1(3g)"
},
{
"status": "affected",
"version": "3.1(3h)"
},
{
"status": "affected",
"version": "3.1(3i)"
},
{
"status": "affected",
"version": "3.1(3j)"
},
{
"status": "affected",
"version": "3.1(3k)"
},
{
"status": "affected",
"version": "4.0(1.240)"
},
{
"status": "affected",
"version": "4.0(1a)"
},
{
"status": "affected",
"version": "4.0(1b)"
},
{
"status": "affected",
"version": "4.0(1c)"
},
{
"status": "affected",
"version": "4.0(1d)"
},
{
"status": "affected",
"version": "4.0(1e)"
},
{
"status": "affected",
"version": "4.0(1g)"
},
{
"status": "affected",
"version": "4.0(1h)"
},
{
"status": "affected",
"version": "4.0(2c)"
},
{
"status": "affected",
"version": "4.0(2d)"
},
{
"status": "affected",
"version": "4.0(2f)"
},
{
"status": "affected",
"version": "4.0(2g)"
},
{
"status": "affected",
"version": "4.0(2h)"
},
{
"status": "affected",
"version": "4.0(2i)"
},
{
"status": "affected",
"version": "4.0(2l)"
},
{
"status": "affected",
"version": "4.0(2n)"
},
{
"status": "affected",
"version": "4.0(4b)"
},
{
"status": "affected",
"version": "4.0(4c)"
},
{
"status": "affected",
"version": "4.0(4d)"
},
{
"status": "affected",
"version": "4.0(4e)"
},
{
"status": "affected",
"version": "4.0(4f)"
},
{
"status": "affected",
"version": "4.0(4h)"
},
{
"status": "affected",
"version": "4.0(4i)"
},
{
"status": "affected",
"version": "4.0(4k)"
},
{
"status": "affected",
"version": "4.0(4l)"
},
{
"status": "affected",
"version": "4.0(4m)"
},
{
"status": "affected",
"version": "4.0(2o)"
},
{
"status": "affected",
"version": "4.0(2p)"
},
{
"status": "affected",
"version": "4.0(4n)"
},
{
"status": "affected",
"version": "4.0(2q)"
},
{
"status": "affected",
"version": "4.0(2r)"
},
{
"status": "affected",
"version": "4.1(1c)"
},
{
"status": "affected",
"version": "4.1(1d)"
},
{
"status": "affected",
"version": "4.1(1f)"
},
{
"status": "affected",
"version": "4.1(1g)"
},
{
"status": "affected",
"version": "4.1(2a)"
},
{
"status": "affected",
"version": "4.1(1h)"
},
{
"status": "affected",
"version": "4.1(2b)"
},
{
"status": "affected",
"version": "4.1(2f)"
},
{
"status": "affected",
"version": "4.1(2e)"
},
{
"status": "affected",
"version": "4.1(3b)"
},
{
"status": "affected",
"version": "4.1(2d)"
},
{
"status": "affected",
"version": "4.1(3c)"
},
{
"status": "affected",
"version": "4.1(3d)"
},
{
"status": "affected",
"version": "4.1(2g)"
},
{
"status": "affected",
"version": "4.1(3f)"
},
{
"status": "affected",
"version": "4.1(2h)"
},
{
"status": "affected",
"version": "4.1(2j)"
},
{
"status": "affected",
"version": "4.1(2k)"
},
{
"status": "affected",
"version": "4.1(2l)"
},
{
"status": "affected",
"version": "4.1(3h)"
},
{
"status": "affected",
"version": "4.1(3i)"
},
{
"status": "affected",
"version": "4.1(3l)"
},
{
"status": "affected",
"version": "4.2(1a)"
},
{
"status": "affected",
"version": "4.2(1b)"
},
{
"status": "affected",
"version": "4.2(1c)"
},
{
"status": "affected",
"version": "4.2(1e)"
},
{
"status": "affected",
"version": "4.2(1f)"
},
{
"status": "affected",
"version": "4.2(1g)"
},
{
"status": "affected",
"version": "4.2(1i)"
},
{
"status": "affected",
"version": "4.2(1j)"
},
{
"status": "affected",
"version": "4.2(2a)"
},
{
"status": "affected",
"version": "4.2(2f)"
},
{
"status": "affected",
"version": "4.2(2g)"
},
{
"status": "affected",
"version": "4.2(3b)"
},
{
"status": "affected",
"version": "4.2(3d)"
},
{
"status": "affected",
"version": "4.2(3e)"
},
{
"status": "affected",
"version": "4.3(1.230097)"
},
{
"status": "affected",
"version": "4.3(1.230124)"
},
{
"status": "affected",
"version": "4.3(1.230138)"
}
]
},
{
"product": "Cisco Unified Computing System E-Series Software (UCSE)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.4.0"
},
{
"status": "affected",
"version": "2.4.1"
},
{
"status": "affected",
"version": "2.4.2"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.2.3"
},
{
"status": "affected",
"version": "3.2.4"
},
{
"status": "affected",
"version": "3.2.6"
},
{
"status": "affected",
"version": "3.2.7"
},
{
"status": "affected",
"version": "3.2.10"
},
{
"status": "affected",
"version": "3.2.11.1"
},
{
"status": "affected",
"version": "3.2.8"
},
{
"status": "affected",
"version": "3.2.11.3"
},
{
"status": "affected",
"version": "3.2.11.5"
},
{
"status": "affected",
"version": "3.2.12.2"
},
{
"status": "affected",
"version": "3.2.13.6"
},
{
"status": "affected",
"version": "3.2.14"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "2.3.1"
},
{
"status": "affected",
"version": "2.3.2"
},
{
"status": "affected",
"version": "2.3.3"
},
{
"status": "affected",
"version": "2.3.5"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "2.10"
},
{
"status": "affected",
"version": "3.06"
},
{
"status": "affected",
"version": "3.02"
},
{
"status": "affected",
"version": "4.11.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:58:25.643Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cimc-xss-UMYtYEtr",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-UMYtYEtr"
}
],
"source": {
"advisory": "cisco-sa-cimc-xss-UMYtYEtr",
"defects": [
"CSCwe96259",
"CSCwf98681",
"CSCwh65092"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20228",
"datePublished": "2023-08-16T20:59:07.910Z",
"dateReserved": "2022-10-27T18:47:50.369Z",
"dateUpdated": "2024-08-02T09:05:35.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1649
Vulnerability from cvelistv5
Published
2019-05-13 19:10
Modified
2024-11-20 17:23
Severity ?
EPSS score ?
Summary
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot | vendor-advisory, x_refsource_CISCO | |
| https://www.kb.cert.org/vuls/id/400865 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securityfocus.com/bid/108350 | vdb-entry, x_refsource_BID | |
| https://www.us-cert.gov/ics/advisories/icsa-20-072-03 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Routers |
Version: unspecified < 16.12.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.350Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190513 Cisco Secure Boot Hardware Tampering Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot"
},
{
"name": "VU#400865",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/400865"
},
{
"name": "108350",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108350"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-072-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1649",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:55:08.575056Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:23:01.830Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Routers",
"vendor": "Cisco",
"versions": [
{
"lessThan": "16.12.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the logic that handles access control to one of the hardware components in Cisco\u0027s proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform."
}
],
"exploits": [
{
"lang": "en",
"value": "This vulnerability was publicly disclosed by Red Balloon Security on May 13, 2019."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T02:22:29",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190513 Cisco Secure Boot Hardware Tampering Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot"
},
{
"name": "VU#400865",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/400865"
},
{
"name": "108350",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108350"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-072-03"
}
],
"source": {
"advisory": "cisco-sa-20190513-secureboot",
"defect": [
[
"CSCvn77141",
"CSCvn77142",
"CSCvn77143",
"CSCvn77147",
"CSCvn77150",
"CSCvn77151",
"CSCvn77152",
"CSCvn77153",
"CSCvn77154",
"CSCvn77155",
"CSCvn77156",
"CSCvn77158",
"CSCvn77159",
"CSCvn77160",
"CSCvn77162",
"CSCvn77166",
"CSCvn77167",
"CSCvn77168",
"CSCvn77169",
"CSCvn77170",
"CSCvn77171",
"CSCvn77172",
"CSCvn77175",
"CSCvn77178",
"CSCvn77180",
"CSCvn77181",
"CSCvn77182",
"CSCvn77183",
"CSCvn77184",
"CSCvn77185",
"CSCvn77191",
"CSCvn77201",
"CSCvn77202",
"CSCvn77205",
"CSCvn77207",
"CSCvn77209",
"CSCvn77212",
"CSCvn77219",
"CSCvn77220",
"CSCvn77222",
"CSCvn77245",
"CSCvn77246",
"CSCvn77248",
"CSCvn77249",
"CSCvn89137",
"CSCvn89138",
"CSCvn89140",
"CSCvn89143",
"CSCvn89144",
"CSCvn89145",
"CSCvn89146",
"CSCvn89150",
"CSCvp42792"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Secure Boot Hardware Tampering Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-13T17:30:00-0700",
"ID": "CVE-2019-1649",
"STATE": "PUBLIC",
"TITLE": "Cisco Secure Boot Hardware Tampering Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Routers",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "16.12.1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the logic that handles access control to one of the hardware components in Cisco\u0027s proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform."
}
]
},
"exploit": [
{
"lang": "en",
"value": "This vulnerability was publicly disclosed by Red Balloon Security on May 13, 2019."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190513 Cisco Secure Boot Hardware Tampering Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot"
},
{
"name": "VU#400865",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/400865"
},
{
"name": "108350",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108350"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-072-03",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-072-03"
}
]
},
"source": {
"advisory": "cisco-sa-20190513-secureboot",
"defect": [
[
"CSCvn77141",
"CSCvn77142",
"CSCvn77143",
"CSCvn77147",
"CSCvn77150",
"CSCvn77151",
"CSCvn77152",
"CSCvn77153",
"CSCvn77154",
"CSCvn77155",
"CSCvn77156",
"CSCvn77158",
"CSCvn77159",
"CSCvn77160",
"CSCvn77162",
"CSCvn77166",
"CSCvn77167",
"CSCvn77168",
"CSCvn77169",
"CSCvn77170",
"CSCvn77171",
"CSCvn77172",
"CSCvn77175",
"CSCvn77178",
"CSCvn77180",
"CSCvn77181",
"CSCvn77182",
"CSCvn77183",
"CSCvn77184",
"CSCvn77185",
"CSCvn77191",
"CSCvn77201",
"CSCvn77202",
"CSCvn77205",
"CSCvn77207",
"CSCvn77209",
"CSCvn77212",
"CSCvn77219",
"CSCvn77220",
"CSCvn77222",
"CSCvn77245",
"CSCvn77246",
"CSCvn77248",
"CSCvn77249",
"CSCvn89137",
"CSCvn89138",
"CSCvn89140",
"CSCvn89143",
"CSCvn89144",
"CSCvn89145",
"CSCvn89146",
"CSCvn89150",
"CSCvp42792"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1649",
"datePublished": "2019-05-13T19:10:14.147871Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:23:01.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1896
Vulnerability from cvelistv5
Published
2019-08-21 18:20
Modified
2024-11-20 17:11
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands and obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input in the Certificate Signing Request (CSR) function of the web-based management interface. An attacker could exploit this vulnerability by submitting a crafted CSR in the web-based management interface. A successful exploit could allow an attacker with administrator privileges to execute arbitrary commands on the device with full root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinject-1896 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Unified Computing System E-Series Software (UCSE) |
Version: unspecified < 3.0(4k) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:35:51.570Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller CSR Generation Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinject-1896"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1896",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:52:21.918460Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:11:47.410Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Computing System E-Series Software (UCSE)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "3.0(4k)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands and obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input in the Certificate Signing Request (CSR) function of the web-based management interface. An attacker could exploit this vulnerability by submitting a crafted CSR in the web-based management interface. A successful exploit could allow an attacker with administrator privileges to execute arbitrary commands on the device with full root privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T18:20:28",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller CSR Generation Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinject-1896"
}
],
"source": {
"advisory": "cisco-sa-20190821-imc-cmdinject-1896",
"defect": [
[
"CSCvo36057"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Integrated Management Controller CSR Generation Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-08-21T16:00:00-0700",
"ID": "CVE-2019-1896",
"STATE": "PUBLIC",
"TITLE": "Cisco Integrated Management Controller CSR Generation Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Unified Computing System E-Series Software (UCSE)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "3.0(4k)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands and obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input in the Certificate Signing Request (CSR) function of the web-based management interface. An attacker could exploit this vulnerability by submitting a crafted CSR in the web-based management interface. A successful exploit could allow an attacker with administrator privileges to execute arbitrary commands on the device with full root privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.2",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190821 Cisco Integrated Management Controller CSR Generation Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinject-1896"
}
]
},
"source": {
"advisory": "cisco-sa-20190821-imc-cmdinject-1896",
"defect": [
[
"CSCvo36057"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1896",
"datePublished": "2019-08-21T18:20:28.706884Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:11:47.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1397
Vulnerability from cvelistv5
Published
2021-05-06 12:42
Modified
2024-11-08 23:17
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. This vulnerability is known as an open redirect attack, which is used in phishing attacks to get users to visit malicious sites without their knowledge.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-openred-zAYrU6d2 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Unified Computing System (Standalone) |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:16.928Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210505 Cisco Integrated Management Controller Open Redirect Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-openred-zAYrU6d2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1397",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:43:58.144792Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:17:54.152Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Computing System (Standalone)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. This vulnerability is known as an open redirect attack, which is used in phishing attacks to get users to visit malicious sites without their knowledge."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-06T12:42:43",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210505 Cisco Integrated Management Controller Open Redirect Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-openred-zAYrU6d2"
}
],
"source": {
"advisory": "cisco-sa-imc-openred-zAYrU6d2",
"defect": [
[
"CSCvv79920",
"CSCvx48060"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Integrated Management Controller Open Redirect Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-05-05T16:00:00",
"ID": "CVE-2021-1397",
"STATE": "PUBLIC",
"TITLE": "Cisco Integrated Management Controller Open Redirect Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Unified Computing System (Standalone)",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. This vulnerability is known as an open redirect attack, which is used in phishing attacks to get users to visit malicious sites without their knowledge."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.7",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210505 Cisco Integrated Management Controller Open Redirect Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-openred-zAYrU6d2"
}
]
},
"source": {
"advisory": "cisco-sa-imc-openred-zAYrU6d2",
"defect": [
[
"CSCvv79920",
"CSCvx48060"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1397",
"datePublished": "2021-05-06T12:42:43.586166Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:17:54.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1634
Vulnerability from cvelistv5
Published
2019-08-21 18:10
Modified
2024-11-20 17:12
Severity ?
EPSS score ?
Summary
A vulnerability in the Intelligent Platform Management Interface (IPMI) of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of user-supplied commands. An attacker who has administrator privileges and access to the network where the IPMI resides could exploit this vulnerability by submitting crafted input to the affected commands. A successful exploit could allow the attacker to gain root privileges on the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinject-1634 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Unified Computing System E-Series Software (UCSE) |
Version: unspecified < 2.0(13o) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinject-1634"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1634",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:52:32.268721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:12:22.326Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Computing System E-Series Software (UCSE)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "2.0(13o)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Intelligent Platform Management Interface (IPMI) of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of user-supplied commands. An attacker who has administrator privileges and access to the network where the IPMI resides could exploit this vulnerability by submitting crafted input to the affected commands. A successful exploit could allow the attacker to gain root privileges on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T18:10:22",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190821 Cisco Integrated Management Controller Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinject-1634"
}
],
"source": {
"advisory": "cisco-sa-20190821-imc-cmdinject-1634",
"defect": [
[
"CSCvo35971"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Integrated Management Controller Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-08-21T16:00:00-0700",
"ID": "CVE-2019-1634",
"STATE": "PUBLIC",
"TITLE": "Cisco Integrated Management Controller Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Unified Computing System E-Series Software (UCSE)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "2.0(13o)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Intelligent Platform Management Interface (IPMI) of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of user-supplied commands. An attacker who has administrator privileges and access to the network where the IPMI resides could exploit this vulnerability by submitting crafted input to the affected commands. A successful exploit could allow the attacker to gain root privileges on the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.2",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190821 Cisco Integrated Management Controller Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinject-1634"
}
]
},
"source": {
"advisory": "cisco-sa-20190821-imc-cmdinject-1634",
"defect": [
[
"CSCvo35971"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1634",
"datePublished": "2019-08-21T18:10:22.475514Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:12:22.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2019-08-21 19:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to make unauthorized changes to the system configuration. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow a user with read-only privileges to change critical system configurations using administrator privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1c\\)hs3:*:*:*:*:*:*:*",
"matchCriteriaId": "39F8601E-730B-489B-AD2A-FD10FAF28595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD570463-F539-47E7-B455-9376BD3EE99D",
"versionEndExcluding": "1.5\\(9g\\)",
"versionStartIncluding": "1.5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "416F7C96-3EF0-4B6D-B414-3FC0D0848144",
"versionEndExcluding": "2.0\\(13o\\)",
"versionStartIncluding": "2.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0056011A-04F0-4185-8EE7-B1B30CAAA863",
"versionEndExcluding": "3.0\\(4k\\)",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59EE9E78-D09E-4069-BC84-ED42E3EE76F1",
"versionEndExcluding": "4.0\\(4b\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D094D51-8F25-430F-99C4-1A734CAA63E4",
"versionEndExcluding": "4.0\\(1d\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9AB71C7-E751-4390-84B0-D88794FE2E5A",
"versionEndExcluding": "4.0\\(2c\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to make unauthorized changes to the system configuration. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow a user with read-only privileges to change critical system configurations using administrator privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en la web del software Cisco Integrated Management Controller (IMC) podr\u00eda permitir que un atacante remoto autenticado realice cambios no autorizados en la configuraci\u00f3n del sistema. La vulnerabilidad se debe a la insuficiente aplicaci\u00f3n de la autorizaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP dise\u00f1ada al software afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir a un usuario con privilegios de solo lectura cambiar configuraciones cr\u00edticas del sistema utilizando privilegios de administrador."
}
],
"id": "CVE-2019-1863",
"lastModified": "2024-11-21T04:37:33.743",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-21T19:15:14.277",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-privilege"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-privilege"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-21 19:15
Modified
2024-11-21 04:37
Severity ?
7.2 (High) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. An attacker would need to have valid administrator credentials on the device. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker with elevated privileges could exploit this vulnerability by sending crafted commands to the administrative web management interface of the affected software. A successful exploit could allow the attacker to inject and execute arbitrary, system-level commands with root privileges on an affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_computing_system | 4.0\(1c\)hs3 | |
| cisco | integrated_management_controller_supervisor | * | |
| cisco | integrated_management_controller_supervisor | * | |
| cisco | encs_5100 | - | |
| cisco | encs_5400 | - | |
| cisco | ucs-e1120d-m3 | - | |
| cisco | ucs-e140s-m2 | - | |
| cisco | ucs-e160d-m2 | - | |
| cisco | ucs-e160s-m3 | - | |
| cisco | ucs-e168d-m2 | - | |
| cisco | ucs-e180d-m3 | - | |
| cisco | ucs_c125_m5 | - | |
| cisco | ucs_c4200 | - | |
| cisco | ucs_s3260 | - | |
| cisco | integrated_management_controller_supervisor | * | |
| cisco | encs_5100 | - | |
| cisco | encs_5400 | - | |
| cisco | ucs-e1120d-m3 | - | |
| cisco | ucs-e140s-m2 | - | |
| cisco | ucs-e160d-m2 | - | |
| cisco | ucs-e160s-m3 | - | |
| cisco | ucs-e168d-m2 | - | |
| cisco | ucs-e180d-m3 | - | |
| cisco | ucs_c125_m5 | - | |
| cisco | ucs_c4200 | - | |
| cisco | ucs_s3260 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1c\\)hs3:*:*:*:*:*:*:*",
"matchCriteriaId": "39F8601E-730B-489B-AD2A-FD10FAF28595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0056011A-04F0-4185-8EE7-B1B30CAAA863",
"versionEndExcluding": "3.0\\(4k\\)",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59EE9E78-D09E-4069-BC84-ED42E3EE76F1",
"versionEndExcluding": "4.0\\(4b\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5549F4C-CF65-4F22-9675-EFAA99964CA0",
"versionEndExcluding": "4.0\\(2f\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. An attacker would need to have valid administrator credentials on the device. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker with elevated privileges could exploit this vulnerability by sending crafted commands to the administrative web management interface of the affected software. A successful exploit could allow the attacker to inject and execute arbitrary, system-level commands with root privileges on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en la web del software Cisco Integrated Management Controller (IMC) podr\u00eda permitir que un atacante remoto autenticado inyecte comandos arbitrarios que se ejecutan con privilegios de root en un dispositivo afectado. Un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de las entradas proporcionadas por el usuario por el software afectado. Un atacante con privilegios elevados podr\u00eda aprovechar esta vulnerabilidad enviando comandos dise\u00f1ados a la interfaz administrativa de administraci\u00f3n web del software afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante inyectar y ejecutar comandos arbitrarios a nivel de sistema con privilegios de root en un dispositivo afectado."
}
],
"id": "CVE-2019-1850",
"lastModified": "2024-11-21T04:37:31.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-21T19:15:14.217",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1850"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-21 19:15
Modified
2024-11-21 04:37
Severity ?
7.2 (High) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Import Cisco IMC configuration utility of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and implement arbitrary commands with root privileges on an affected device. The vulnerability is due to improper bounds checking by the import-config process. An attacker could exploit this vulnerability by sending malicious packets to an affected device. When the packets are processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to implement arbitrary code on the affected device with elevated privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_computing_system | 4.0\(1c\)hs3 | |
| cisco | integrated_management_controller_supervisor | * | |
| cisco | integrated_management_controller_supervisor | * | |
| cisco | encs_5100 | - | |
| cisco | encs_5400 | - | |
| cisco | ucs-e1120d-m3 | - | |
| cisco | ucs-e140s-m2 | - | |
| cisco | ucs-e160d-m2 | - | |
| cisco | ucs-e160s-m3 | - | |
| cisco | ucs-e168d-m2 | - | |
| cisco | ucs-e180d-m3 | - | |
| cisco | ucs_c125_m5 | - | |
| cisco | ucs_c4200 | - | |
| cisco | ucs_s3260 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1c\\)hs3:*:*:*:*:*:*:*",
"matchCriteriaId": "39F8601E-730B-489B-AD2A-FD10FAF28595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0056011A-04F0-4185-8EE7-B1B30CAAA863",
"versionEndExcluding": "3.0\\(4k\\)",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59EE9E78-D09E-4069-BC84-ED42E3EE76F1",
"versionEndExcluding": "4.0\\(4b\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Import Cisco IMC configuration utility of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and implement arbitrary commands with root privileges on an affected device. The vulnerability is due to improper bounds checking by the import-config process. An attacker could exploit this vulnerability by sending malicious packets to an affected device. When the packets are processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to implement arbitrary code on the affected device with elevated privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la utilidad de configuraci\u00f3n Importar Cisco IMC de Cisco Integrated Management Controller (IMC) podr\u00eda permitir que un atacante remoto autenticado cause una condici\u00f3n de denegaci\u00f3n de servicio (DoS) e implemente comandos arbitrarios con privilegios de root en un dispositivo afectado. La vulnerabilidad se debe a una comprobaci\u00f3n incorrecta de los l\u00edmites por parte del proceso import-config. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes maliciosos a un dispositivo afectado. Cuando se procesan los paquetes, puede ocurrir una condici\u00f3n de desbordamiento de b\u00fafer explotable. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante implementar c\u00f3digo arbitrario en el dispositivo afectado con privilegios elevados."
}
],
"id": "CVE-2019-1871",
"lastModified": "2024-11-21T04:37:34.953",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-21T19:15:14.480",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-bo"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-bo"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-21 19:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by invoking an interface monitoring mechanism with a crafted argument on the affected software. A successful exploit could allow the attacker to inject and execute arbitrary, system-level commands with root privileges on an affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1c\\)hs3:*:*:*:*:*:*:*",
"matchCriteriaId": "39F8601E-730B-489B-AD2A-FD10FAF28595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD570463-F539-47E7-B455-9376BD3EE99D",
"versionEndExcluding": "1.5\\(9g\\)",
"versionStartIncluding": "1.5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "416F7C96-3EF0-4B6D-B414-3FC0D0848144",
"versionEndExcluding": "2.0\\(13o\\)",
"versionStartIncluding": "2.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0056011A-04F0-4185-8EE7-B1B30CAAA863",
"versionEndExcluding": "3.0\\(4k\\)",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59EE9E78-D09E-4069-BC84-ED42E3EE76F1",
"versionEndExcluding": "4.0\\(4b\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D094D51-8F25-430F-99C4-1A734CAA63E4",
"versionEndExcluding": "4.0\\(1d\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9AB71C7-E751-4390-84B0-D88794FE2E5A",
"versionEndExcluding": "4.0\\(2c\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by invoking an interface monitoring mechanism with a crafted argument on the affected software. A successful exploit could allow the attacker to inject and execute arbitrary, system-level commands with root privileges on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en la web del software Cisco Integrated Management Controller (IMC) podr\u00eda permitir que un atacante remoto autenticado inyecte comandos arbitrarios que se ejecutan con privilegios de root en un dispositivo afectado. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de las entradas proporcionadas por el usuario por el software afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad invocando un mecanismo de monitoreo de interfaz con un argumento dise\u00f1ado sobre el software afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante inyectar y ejecutar comandos arbitrarios a nivel de sistema con privilegios de root en un dispositivo afectado."
}
],
"id": "CVE-2019-1865",
"lastModified": "2024-11-21T04:37:34.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-21T19:15:14.420",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1865"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-09-25 20:15
Modified
2024-11-21 04:23
Severity ?
Summary
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of transient SIP packets on which NAT is performed on an affected device. An attacker could exploit this vulnerability by using UDP port 5060 to send crafted SIP packets through an affected device that is performing NAT for SIP packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe | 15.4\(3\)s | |
| cisco | ios_xe | 15.5\(3\)s | |
| cisco | ios_xe | 15.6\(1\)s | |
| cisco | ios_xe | 16.3.1 | |
| cisco | ios_xe | 16.4.1 | |
| cisco | ios_xe | 16.5.1 | |
| cisco | ios_xe | 16.6.1 | |
| cisco | ios_xe | 16.7.1 | |
| cisco | ios_xe | 16.8.1 | |
| cisco | ios_xe | 16.9.1 | |
| cisco | ios_xe | 16.10.1 | |
| cisco | ios_xe | 16.11.1 | |
| cisco | ios_xe | 16.12.1 | |
| cisco | 1100-4p | - | |
| cisco | 1100-8p | - | |
| cisco | 1101-4p | - | |
| cisco | 1109-2p | - | |
| cisco | 1109-4p | - | |
| cisco | 1111x-8p | - | |
| cisco | 4221_integrated_services_router | - | |
| cisco | 4331_integrated_services_router | - | |
| cisco | csr_1000v | - | |
| cisco | encs_5100 | - | |
| cisco | encs_5400 | - | |
| cisco | isrv | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:15.4\\(3\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "7E142E50-BDDB-4F49-8270-CB7E2D3C815C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "E64CE383-D9D5-45EF-9E68-E048D8DD9231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:15.6\\(1\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "6A4A987C-C8E2-4193-9D92-9D97D4A1CE8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "296636F1-9242-429B-8472-90352C056106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "77E8AF15-AB46-4EAB-8872-8C55E8601599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7B2557-821D-4E05-B5C3-67192573D97D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F821EBD7-91E2-4460-BFAF-18482CF6CB8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "623BF701-ADC9-4F24-93C5-043A6A7FEF5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "119A964D-ABC8-424D-8097-85B832A833BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6BD18B-B9BD-452F-986E-16A6668E46B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E91F8704-6DAD-474A-84EA-04E4AF7BB9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-4p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA8D5057-138A-42C4-BA35-8077A0A60068",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-8p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED555B12-41F4-4D62-B519-22601FB7AF8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101-4p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B10158-5235-483E-BACD-C407609EA6BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-2p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8964F9BA-6E6C-44BF-9A8C-93D081B6678C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-4p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51251FE1-67D2-4903-B7D3-E0C727B9A93C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111x-8p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "784E4562-FE26-4049-9D23-4CA46432EE14",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8B0B49-2C99-410B-B011-5B821C5992FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:isrv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA48CFE9-2791-40D2-9F33-763C97F7D988",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of transient SIP packets on which NAT is performed on an affected device. An attacker could exploit this vulnerability by using UDP port 5060 to send crafted SIP packets through an affected device that is performing NAT for SIP packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) del Software Cisco IOS XE, podr\u00eda permitir a un atacante remoto no autenticado causar que un dispositivo afectado se recargue. La vulnerabilidad es debido al procesamiento inapropiado de paquetes SIP transitorios en los que se realiza NAT en un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad utilizando el puerto UDP 5060 para enviar paquetes SIP dise\u00f1ados por medio de un dispositivo afectado que est\u00e1 realizando NAT para paquetes SIP. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar que el dispositivo se recargue, conllevando a una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
}
],
"id": "CVE-2019-12646",
"lastModified": "2024-11-21T04:23:15.173",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-09-25T20:15:10.353",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-alg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-alg"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-665"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-21 19:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input on the command-line interface. An attacker could exploit this vulnerability by authenticating with read-only privileges via the CLI of an affected device and submitting crafted input to the affected commands. A successful exploit could allow an attacker to execute arbitrary commands on the device with root privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_computing_system | 4.0\(1c\)hs3 | |
| cisco | integrated_management_controller_supervisor | * | |
| cisco | integrated_management_controller_supervisor | * | |
| cisco | encs_5100 | - | |
| cisco | encs_5400 | - | |
| cisco | ucs-e1120d-m3 | - | |
| cisco | ucs-e140s-m2 | - | |
| cisco | ucs-e160d-m2 | - | |
| cisco | ucs-e160s-m3 | - | |
| cisco | ucs-e168d-m2 | - | |
| cisco | ucs-e180d-m3 | - | |
| cisco | ucs_c125_m5 | - | |
| cisco | ucs_c4200 | - | |
| cisco | ucs_s3260 | - | |
| cisco | integrated_management_controller_supervisor | * | |
| cisco | encs_5100 | - | |
| cisco | encs_5400 | - | |
| cisco | ucs-e1120d-m3 | - | |
| cisco | ucs-e140s-m2 | - | |
| cisco | ucs-e160d-m2 | - | |
| cisco | ucs-e160s-m3 | - | |
| cisco | ucs-e168d-m2 | - | |
| cisco | ucs-e180d-m3 | - | |
| cisco | ucs_c125_m5 | - | |
| cisco | ucs_c4200 | - | |
| cisco | ucs_s3260 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1c\\)hs3:*:*:*:*:*:*:*",
"matchCriteriaId": "39F8601E-730B-489B-AD2A-FD10FAF28595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0056011A-04F0-4185-8EE7-B1B30CAAA863",
"versionEndExcluding": "3.0\\(4k\\)",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59EE9E78-D09E-4069-BC84-ED42E3EE76F1",
"versionEndExcluding": "4.0\\(4b\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5549F4C-CF65-4F22-9675-EFAA99964CA0",
"versionEndExcluding": "4.0\\(2f\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input on the command-line interface. An attacker could exploit this vulnerability by authenticating with read-only privileges via the CLI of an affected device and submitting crafted input to the affected commands. A successful exploit could allow an attacker to execute arbitrary commands on the device with root privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de l\u00ednea de comandos de Cisco Integrated Management Controller (IMC) podr\u00eda permitir que un atacante local autenticado con credenciales de solo lectura inyecte comandos arbitrarios que podr\u00edan permitirles obtener privilegios de root. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario en la interfaz de l\u00ednea de comandos. Un atacante podr\u00eda aprovechar esta vulnerabilidad autentic\u00e1ndose con privilegios de solo lectura a trav\u00e9s de la CLI de un dispositivo afectado y enviando una entrada dise\u00f1ada a los comandos afectados. Una explotaci\u00f3n exitosa podr\u00eda permitir a un atacante ejecutar comandos arbitrarios en el dispositivo con privilegios de root."
}
],
"id": "CVE-2019-1883",
"lastModified": "2024-11-21T04:37:36.547",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-21T19:15:14.637",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-cimc-cli-inject"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-cimc-cli-inject"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-13 19:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108350 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot | Vendor Advisory | |
| ykramarz@cisco.com | https://www.kb.cert.org/vuls/id/400865 | Third Party Advisory, US Government Resource | |
| ykramarz@cisco.com | https://www.us-cert.gov/ics/advisories/icsa-20-072-03 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108350 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/400865 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-072-03 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "524E28A1-ABD9-416B-804C-EFFD7F822DE5",
"versionEndExcluding": "1.1.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5506-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "763B801D-CA1E-4C56-8B06-3373EA307C7E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5506h-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30AC6907-3091-409F-967D-64A82A0C5A8C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5506w-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D11AF728-8EB0-45EB-A7DD-F2D52B3BB7B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5508-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92AE506A-E710-465B-B795-470FDE0E0ECA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5516-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E07AF10-FFB2-4AC7-BBE7-199C3EFED81F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_2100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32B7016C-C909-4F30-A80E-E30E9C2FB607",
"versionEndExcluding": "2.6.1.134",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B8DB36E-D0AC-4FFC-8FDB-C5520689013A",
"versionEndExcluding": "1.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E924AE61-94D5-4A68-A586-CA7119487F67",
"versionEndExcluding": "1.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ons_15454_mstp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F8A7F11-B920-4C5B-B3CA-D29740FFE891",
"versionEndExcluding": "11.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ons_15454_mstp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBE1DDE-6C69-45EC-A666-D9596E8721DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:analog_voice_network_interface_modules_firmware:*:*:*:*:*:*:4000_series_isrs:*",
"matchCriteriaId": "00BCB49E-E2D2-4374-8D48-A287FC538F4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nim-2bri-nt\\/te:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637D7CA3-89CD-418A-BF87-0935A7805173",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-2fox:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CBE2B16-B9AD-4ED2-AE18-7087C478FEEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-2fxs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D94B415B-08E2-4845-BD11-7EBCD08215E0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-2fxs\\/4fxo:-:*:*:*:*:*:*:*",
"matchCriteriaId": "784ECC2E-F4AC-4430-9F33-9B1DBD89692F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-2fxs\\/4fxop:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A34FAE4-7B2A-47BF-AB0A-5FAF8E8920CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-2fxsp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FADBF85-52F4-468C-A44C-5107484757EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-4bri-nt\\/te:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90E418C4-F91B-4E0D-B1DC-2B099D991F80",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-4e\\/m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22A4B07-04DF-4AF2-B2A9-E4430C4F3A64",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-4fxo:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDCD640-E1BB-48F8-BEB4-85AAF7099FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-4fxs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "893147FC-1AD0-441C-B031-6C432ED2FFD8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-4fxsp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE30FCF9-DFF6-419C-8DCA-0B695E3FADE7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:integrated_services_router_t1\\/e1_voice_and_wan_network_interface_modules_firmware:*:*:*:*:*:*:4000_series:*",
"matchCriteriaId": "239EC4DE-5E2C-44D7-9C32-BFCD854670AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nim-1ce1t1-pri:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2956624-92FC-43D7-A038-15071A90E0B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-1mft-t1\\/e1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "988125C4-DB88-438F-8F6D-0992424081A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-2ce1t1-pri:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9B34B9-78EC-49AE-B342-F2BAD63CD50C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-2mft-t1\\/e1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D258F96-93A5-455E-9542-2C95B3D31455",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-4mft-t1\\/e1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B443FC34-767F-45B4-8516-A1A8B6C8D917",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-8ce1t1-pri:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08C3403A-3943-4A69-A536-3FA6DEDFF21B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-8mft-t1\\/e1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7259F6BC-BA31-47E4-BFA6-647068A946CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:supervisor_a\\+_firmware:*:*:*:*:*:*:nexus_9500:*",
"matchCriteriaId": "3F825D9C-25C6-4F76-A7EE-F61A548A0CE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-sup-a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "360B9A25-5272-487A-AF1A-CE2FDFD6F23C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:supervisor_b\\+_firmware:*:*:*:*:*:*:nexus_9500:*",
"matchCriteriaId": "77C59A0F-F256-42C3-A3E1-71F02614F55A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-sup-b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADE8708-95D4-4D30-85ED-BE870410F3B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:15454-m-wse-k9_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F99FC1A-2738-468B-BD01-4F715A1B7809",
"versionEndExcluding": "11.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:15454-m-wse-k9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90242967-37AB-4124-87DE-D826A3895BE7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB99D062-EE0C-4695-AA4D-2DCE3E2B15AF",
"versionEndExcluding": "16.12.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:cbr-8_converged_broadband_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CCBE67-E509-43EC-9AFB-8A9B6A115126",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39C9F8C2-9E34-4027-9112-42AEC0B84F7C",
"versionEndExcluding": "16.3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76843179-3569-4556-9F4C-6543B8A8E1DE",
"versionEndExcluding": "16.6.7",
"versionStartIncluding": "16.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B526102-9DDC-4E23-B582-DEF7EA35E42C",
"versionEndExcluding": "16.9.4",
"versionStartIncluding": "16.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F50DDAE4-2C87-4B8B-9BCB-2FD32A6976D6",
"versionEndExcluding": "16.12.1",
"versionStartIncluding": "16.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nim-1ge-cu-sfp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C56A1D02-3061-40C5-AD87-0BEA869838F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nim-2ge-cu-sfp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F98C767-8E9F-4B01-A09E-359A496B2B3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:sm-x-pvdm-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCAA286-6B36-4EB7-9AE5-CA082D125E78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:sm-x-pvdm-2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B1C2CF-0EF1-428F-8FB8-D45E4C6CB340",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:sm-x-pvdm-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "450EA21E-68E0-4617-85A9-9C39B96E12ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:sm-x-pvdm-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17B65497-2EAC-4B9E-9D05-58A0B6D1F399",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35726753-BAA4-479F-AF9C-F4D012881F83",
"versionEndExcluding": "15.6\\(3\\)m7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A3FBAE1-F786-4799-AF70-6E7B5DC19BB9",
"versionEndIncluding": "15.7\\(3\\)m5",
"versionStartIncluding": "15.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72240B45-0D8E-4EA6-8208-068BF6EF8B30",
"versionEndExcluding": "15.8\\(3\\)m3",
"versionStartIncluding": "15.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7F56D01-F647-452D-A564-4198A893BC70",
"versionEndExcluding": "15.9\\(3\\)m",
"versionStartIncluding": "15.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1120_connected_grid_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6835F8AD-B55D-4B57-B3B5-0095E309B2B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1240_connected_grid_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AB6ACAE-8C89-48F6-95BA-DE32F4F81FE6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:industrial_security_appliances_3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83AA5C75-B959-4167-906C-BE9C84C7E676",
"versionEndExcluding": "1.0.05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:industrial_security_appliances_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBBA8E7-14B2-4869-8ED4-72F120E547FC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:integrated_services_router_4200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB084F19-E475-41FA-A72F-23D4D6913523",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:integrated_services_router_4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C49E8AE0-745B-459C-AAD9-D41690D48DDE",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:integrated_services_router_4400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5D8FF8-60F8-4F89-A488-F815D0FB00E1",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:44461_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "697BEF89-6D9B-4870-BE85-9090152F3E6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13C3D17D-DD95-49CA-918A-A0F5289B0C3D",
"versionEndExcluding": "15.6\\(3\\)m6b",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA254534-247F-47BA-B146-0E3B7E9F9269",
"versionEndIncluding": "15.7\\(3\\)m4b",
"versionStartIncluding": "15.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F05F3A-A38F-4922-AE54-BE1BC64C4B7C",
"versionEndExcluding": "15.8\\(3\\)m2a",
"versionStartIncluding": "15.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:809_industrial_integrated_services_routers:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C996F3B-0333-4B9A-B3E7-F50E64B0AAB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:829_industrial_integrated_services_routers:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D05CC9-8D04-4DE0-A854-375192B4D46C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asr_1000_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3BBBB-4349-4D2B-9944-84BE03407650",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000_series:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76B7C13F-46C5-460A-A6C9-3837A28A0CE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr1000-2t\\+20x1ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77D24BB4-6357-4BFC-A4CB-B33ECDEB3BEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr1000-6tge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1F849A-05BA-4CA2-96AA-F8DFD5E725A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr1000-esp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB060D83-2924-4D1D-9FEE-F8087FA8976D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr1000-mip100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF4D0E5-FF09-4919-B603-B42DB535386C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr1000-rp3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22C36989-4353-4B81-8B0F-FC6322C1C179",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asr_1001_firmware:16.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A267A86B-144D-46C3-9F63-95606106A5B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C807F789-3038-42C3-B5EB-6CD628EBF718",
"versionEndExcluding": "16.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:a900-rsp2a-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DED2353D-A508-4764-975F-57F9DACD91FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:a900-rsp2a-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBA765C-B6F0-4D4D-8933-06E655084AF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:a900-rsp3c-200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6F34E1-7DE4-459B-AF41-D973201ADC49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:a900-rsp3c-400\\/w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8DAC3AF-FEFC-4B14-A7BE-7008E65FD012",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-10sz-pd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FCA2DB2-AE09-4A99-90C9-60AE0CD9A035",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-12cz-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B83BED-5A49-4CF0-9827-AA291D01F60E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-12cz-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C1E8937-51D9-43E6-876E-5D39AD3D32C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-12sz-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA7AE63-99B9-4F28-8670-639A9B31E494",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-12sz-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E858B4AB-49B1-4F1C-8722-6E6911194924",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-12sz-im-cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577D1BF2-5180-4301-941C-3C0ADDD23AA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-24sz-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE70CCD-6062-45D8-8566-7C9E237E030F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-24tz-im:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA3A897-ED4E-417F-BA6C-C1A825A210F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-24tz-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "375F9E12-A61B-4FD3-AE07-D4E686EB112A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-4sz-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D724F932-4548-429D-8CAA-E82C3435A194",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-4sz-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCC94C3-9EEF-4600-BE82-8AEDEB0F1446",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9300-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16088337-C057-4271-B5C7-74FE1573B0F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9300-24t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69B8AFD-17F5-4809-BDB9-3337BA52BC58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9300-24u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A628A7B-FE58-4881-B705-C3BCBED6F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9300-24ux:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9C769E-ED9C-4F06-928D-CC7FFBA54EC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9300-48p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5B19A31-99E3-4141-9FE8-7A5FD16FAE5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9300-48t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1DFCD7-F14A-4530-8E36-55FE0EE1E7C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9300-48u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84C89BB9-D62D-4E36-8BFD-D583F383120D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9300-48un:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88262B7E-8C2F-49FE-9F58-8A1C78285A93",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9300-48uxm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6109DBC-5489-4FF9-B940-E174126488AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA59279-3504-417D-9E86-E5886EE198BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:cbr-ccap-lc-40g-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C44B33A5-DB73-4A3B-AA5B-97B8493AD28B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:cbr-lc-8d31-16u31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CAB82552-DD9D-45C9-8296-B4C8D510FFA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "82AF763B-9299-4EDC-B42D-B83736839CA1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:a99-16x100ge-x-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EA89F6-14B5-4EC7-BAEB-E783FF1982AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:a99-32x100ge-cm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5BF29D2-7C65-4724-B6AE-249BB22725CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:a99-32x100ge-tr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D55DC09B-CF82-4461-8886-BE90451BFF9E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:a99-rp3-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F393681D-7EC1-46D5-BAFB-786528E259B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:a99-rp3-tr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE8CE5B-09CF-4138-9495-7223FFA64443",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:a9k-16x100ge-cm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15AEC57E-7851-4C8D-AB02-A932C3929F26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:a9k-16x100ge-tr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B14DB778-9B07-4AFF-8BF3-4631B23501BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:a9k-rsp5-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "326F9936-57E7-4E8F-9C51-093788454A3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:a9k-rsp5-tr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "884F1D0A-8A6F-45E4-9AC7-A8603AB8AE4E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:network_convergence_system_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D54F012-3136-4CA8-B119-FD7446EC96C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0514874D-C8F0-496E-9B04-FA699B339EEE",
"versionEndExcluding": "15.5\\(1\\)sy4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:c6800-16p10g-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F508C81E-D31B-44BA-82C8-FEDA00324B8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c6800-32p10g-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05A9E0CA-BB70-4F74-BAD6-BE80669D1699",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c6800-8p10g-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CAE1989-0E75-414E-BCB3-E0057F1492E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c6800-8p40g-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A1BA05-615E-4304-992D-6EEA176D852F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c6800-sup6t-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D883A807-6909-4087-892B-1E505521EA7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c6816-x-le:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE2D76C8-552A-44C2-9C30-0CF31F6BC719",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c6824-x-le-40g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "649A1287-A03D-48B8-ADFA-26F175366C91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c6832-x-le:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8776111D-894D-4EEB-8ADD-A9AC26AE30D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c6840-x-le-40g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "975D2EC3-3499-48FD-87F2-4BAD1CDB0E4C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27ACCA11-D39B-468E-9C3C-BBF110ED3581",
"versionEndExcluding": "16.9.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB36C23-9303-4E3D-8C4A-B2E2150CF3FE",
"versionEndExcluding": "16.12.1",
"versionStartIncluding": "16.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:c9500-12q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B37D793-0EE3-49CA-98B2-3E1F3D561A9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9500-16x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03F5F6FA-9499-4232-A80A-494CE287A87A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9500-24q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58918BAA-7070-4901-B1C8-344E8A4DBEE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9500-24y4c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08B9D533-FCF5-4B35-A0D2-2EA1E4A907AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9500-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C809A939-105E-471E-A150-859015641989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9500-32qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C657B7-172E-4E85-8027-4B5563F2CE14",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9500-40x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B42926F-0841-4D40-BABE-852893C6020F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:c9500-48y4c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "381144D6-7CDE-46E6-ADE7-76372740F283",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800-40_wireless_controller_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "902D1451-9E2E-4BC3-8B61-D87C142F4485",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-40_wireless_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E283C34-43AE-49A5-A72B-32DEA185ABD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800-80_wireless_controller_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59CD23DF-9B9D-459F-A3BF-F2D53FBDAF71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-80_wireless_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB3AF13-5324-42CD-8EDB-6F730BF46214",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ic3000-k9_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13174CD9-8564-4041-93EC-8E8D7F4F3443",
"versionEndExcluding": "1.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ic3000-k9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B443B2C3-E3C1-4ADF-BF9B-164D00318B08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D5DCCAC-A8CC-40B5-AA01-6D46CB9B7053",
"versionEndExcluding": "8.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ds-x9334-k9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE54217-EF6D-4191-9267-113041B14A08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs2k-mr-mxp-k9_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DE58C19-66CD-45DD-BF5C-C333A30AA096",
"versionEndExcluding": "11.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs2k-mr-mxp-k9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EFF3999-1FF6-42C0-BE62-3FA227297264",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E90BEFD1-AAA5-4D39-A180-4B5ED3427AFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nc55-24h12f-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "966F7DF8-1F20-4A74-B633-8B5AEE63C193",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nc55-36x100g-a-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46EA0E17-C399-4DA0-A550-F5469CC82F3F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nc55-36x100g-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41C4BF85-7077-463B-8E52-F67949849123",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nc55-5504-fc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9102353-A21A-41C2-AA0B-9B00F66B693E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nc55-5516-fc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1536A363-E423-42DD-928B-FC6E91264371",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nc55-6x200-dwdm-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB4F5CA4-BBD2-4DC9-8F99-9CC1B2A90BF2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nc55-mod-a-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2442B13-F163-4219-AED9-7FA4CCD1A8D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs-5501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7617BA24-6474-49CF-B78D-0056D3F8385B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs-5501-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3DCE7D6-0E78-4CF3-BF7A-6A4945ADD4F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs-5502:-:*:*:*:*:*:*:*",
"matchCriteriaId": "344675F6-9045-492D-9577-E0CE333AD6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs-5502-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC7F2221-B5BE-408C-BA84-9776469EE2D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs-55a1-24h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D61548-61B4-4B53-8574-9DB92B00A627",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs-55a1-36h-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF08FAF-67DD-4361-947A-40D5938DB8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs-55a1-36h-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE2AD36-5D52-4489-AAC1-A7AC1B3D2581",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs-55a2-mod-hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A95FEA95-703B-44E0-A7CA-9E38B2EB1980",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs-55a2-mod-hx-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D37BF94-9D5F-4A88-8115-3A88FF144845",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs-55a2-mod-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C33F0D81-1314-440B-9FC2-56D76CA4CD79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs-55a2-mod-se-h-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E50806D-115D-4903-A5B2-62654FFDD9F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ncs-55a2-mod-se-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15AE071E-0CEF-4305-A92D-9F4C324BD4ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:network_convergence_system_5001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E007368-04AF-49C7-892F-ED2BB1E4EA61",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:network_convergence_system_5002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DBEF775-EC98-4391-BAD2-61870A7DEE88",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68A586A3-0291-4BA3-9211-6EE0BBB7F39C",
"versionEndExcluding": "9.3\\(2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n3k-c31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AEB8547-3FA8-42F5-8106-57B0F994BEC5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n3k-c31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D2069C-23A2-4113-B674-024D36E40BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n3k-c3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "572F9105-9B6C-4460-8B49-14812AC3DC28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n3k-c3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C5CF4C9-3B75-4DC5-BC38-8A2B87FEAE01",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE8EFEE8-FC8D-480C-917E-24C3B8D56E29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7482F9FB-CA6A-4CA2-B6FB-FD0DCDF603ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6487A95B-0D04-4ABA-B491-8A935694AFD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2E84307-41BC-4F85-BC9A-FF02178765F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55A31452-5B60-4273-BA38-8FA684DED953",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3FCA39-927B-4C89-A58B-E6859ED8176A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7B464B3-DE25-4980-ABC3-10D7C79C12E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "214472EB-424C-48B7-8EF3-7B679A5042BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D5DCCAC-A8CC-40B5-AA01-6D46CB9B7053",
"versionEndExcluding": "8.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ds-x9648-1536k9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57E3CF0C-5AD0-4A30-9335-4945CBC04A60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n3k-c3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C5CF4C9-3B75-4DC5-BC38-8A2B87FEAE01",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-sup3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F33AB95C-62FC-48EC-84AB-5EFA5C061F3B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D409BDF3-9F35-4D94-9DF0-7B58A519A005",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sm-x-1t3\\/e3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98B12A01-8EF8-4DDE-9A40-51A9BC7D42AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sm-x-1t3\\/e3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "696AFE49-10E1-4C56-93D3-F4118B3E01AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:encs_5100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6741CC-EEA4-4DC8-A21B-DB84B861316B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:encs_5400_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF426F3E-4474-43C7-84F5-EF61957E5004",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the logic that handles access control to one of the hardware components in Cisco\u0027s proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la l\u00f3gica que maneja el control de acceso de uno de los componentes de hardware en la implementaci\u00f3n Secure Boot de propiedad de Cisco, podr\u00eda permitir que un atacante local autenticado escriba una imagen de firmware modificada en el componente. Esta vulnerabilidad afecta a varios productos de Cisco que admiten la funcionalidad de Secure Boot basada en hardware. La vulnerabilidad se genera por una comprobaci\u00f3n incorrecta en el \u00e1rea de c\u00f3digo que administra las actualizaciones en las instalaciones de Field Programmable Gate Array (FPGA) parte de la implementaci\u00f3n del hardware Secure Boot. Un atacante con privilegios elevados y acceso al sistema operativo subyacente que se ejecuta en el dispositivo afectado podr\u00eda explotar esta vulnerabilidad al escribir una imagen de firmware modificada en el FPGA. Una explotaci\u00f3n exitosa podr\u00eda hacer que el dispositivo se vuelva inutilizable (y requiera un reemplazo de hardware) o permitir la manipulaci\u00f3n del proceso de comprobaci\u00f3n de Secure Boot, que en algunas circunstancias puede permitir al atacante instalar y arrancar una imagen de software malicioso. Un atacante deber\u00e1 cumplir todas las condiciones siguientes para intentar explotar esta vulnerabilidad: Tener acceso administrativo privilegiado al dispositivo. Poder acceder al sistema operativo subyacente que se ejecuta en el dispositivo; Esto se puede lograr mediante el uso de un mecanismo documentado de soporte o mediante la explotaci\u00f3n de otra vulnerabilidad que proporcionar\u00eda a un atacante con dicho acceso. Desarrollar o tener acceso a un exploit espec\u00edfico de la plataforma. Un atacante que busque explotar esta vulnerabilidad en m\u00faltiples plataformas afectadas necesitar\u00e1 investigar cada una de esas plataformas y despu\u00e9s desarrollar una vulnerabilidad espec\u00edfica de la plataforma. Si bien el proceso de investigaci\u00f3n se podr\u00eda realizar en diferentes plataformas, es poco probable que una vulnerabilidad desarrollada para una plataforma de hardware determinada opere en una plataforma de hardware diferente."
}
],
"id": "CVE-2019-1649",
"lastModified": "2024-11-21T04:37:00.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-13T19:29:01.520",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108350"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/400865"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-072-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/400865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-072-03"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-667"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-21 19:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands and obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input in the Certificate Signing Request (CSR) function of the web-based management interface. An attacker could exploit this vulnerability by submitting a crafted CSR in the web-based management interface. A successful exploit could allow an attacker with administrator privileges to execute arbitrary commands on the device with full root privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1c\\)hs3:*:*:*:*:*:*:*",
"matchCriteriaId": "39F8601E-730B-489B-AD2A-FD10FAF28595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "416F7C96-3EF0-4B6D-B414-3FC0D0848144",
"versionEndExcluding": "2.0\\(13o\\)",
"versionStartIncluding": "2.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0056011A-04F0-4185-8EE7-B1B30CAAA863",
"versionEndExcluding": "3.0\\(4k\\)",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59EE9E78-D09E-4069-BC84-ED42E3EE76F1",
"versionEndExcluding": "4.0\\(4b\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5549F4C-CF65-4F22-9675-EFAA99964CA0",
"versionEndExcluding": "4.0\\(2f\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands and obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input in the Certificate Signing Request (CSR) function of the web-based management interface. An attacker could exploit this vulnerability by submitting a crafted CSR in the web-based management interface. A successful exploit could allow an attacker with administrator privileges to execute arbitrary commands on the device with full root privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en la web de Cisco Integrated Management Controller (IMC) podr\u00eda permitir que un atacante remoto autenticado inyecte comandos arbitrarios y obtenga privilegios de root. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario en la funci\u00f3n de Solicitud de firma de certificado (CSR) de la interfaz de administraci\u00f3n basada en la web. Un atacante podr\u00eda aprovechar esta vulnerabilidad al enviar una CSR dise\u00f1ada en la interfaz de administraci\u00f3n basada en la web. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante con privilegios de administrador ejecute comandos arbitrarios en el dispositivo con todos los privilegios de root."
}
],
"id": "CVE-2019-1896",
"lastModified": "2024-11-21T04:37:38.333",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-21T19:15:15.013",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinject-1896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinject-1896"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-21 19:15
Modified
2024-11-21 04:36
Severity ?
Summary
A vulnerability in the Intelligent Platform Management Interface (IPMI) of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of user-supplied commands. An attacker who has administrator privileges and access to the network where the IPMI resides could exploit this vulnerability by submitting crafted input to the affected commands. A successful exploit could allow the attacker to gain root privileges on the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1c\\)hs3:*:*:*:*:*:*:*",
"matchCriteriaId": "39F8601E-730B-489B-AD2A-FD10FAF28595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD570463-F539-47E7-B455-9376BD3EE99D",
"versionEndExcluding": "1.5\\(9g\\)",
"versionStartIncluding": "1.5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "416F7C96-3EF0-4B6D-B414-3FC0D0848144",
"versionEndExcluding": "2.0\\(13o\\)",
"versionStartIncluding": "2.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0056011A-04F0-4185-8EE7-B1B30CAAA863",
"versionEndExcluding": "3.0\\(4k\\)",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59EE9E78-D09E-4069-BC84-ED42E3EE76F1",
"versionEndExcluding": "4.0\\(4b\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5549F4C-CF65-4F22-9675-EFAA99964CA0",
"versionEndExcluding": "4.0\\(2f\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Intelligent Platform Management Interface (IPMI) of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of user-supplied commands. An attacker who has administrator privileges and access to the network where the IPMI resides could exploit this vulnerability by submitting crafted input to the affected commands. A successful exploit could allow the attacker to gain root privileges on the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la Interfaz de administraci\u00f3n de plataforma inteligente (IPMI) de Cisco Integrated Management Controller (IMC) podr\u00eda permitir que un atacante remoto autenticado inyecte comandos arbitrarios que se ejecutan con privilegios de ra\u00edz en el sistema operativo (SO) subyacente. La vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente de los comandos proporcionados por el usuario. Un atacante que tenga privilegios de administrador y acceso a la red donde reside el IPMI podr\u00eda aprovechar esta vulnerabilidad al enviar una entrada dise\u00f1ada a los comandos afectados. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener privilegios de root en el dispositivo afectado."
}
],
"id": "CVE-2019-1634",
"lastModified": "2024-11-21T04:36:58.597",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-21T19:15:14.043",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinject-1634"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinject-1634"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-16 21:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | encs_5100_firmware | * | |
| cisco | encs_5100 | - | |
| cisco | encs_5400_firmware | * | |
| cisco | encs_5400 | - | |
| cisco | ucs_c220_m5_rack_server_firmware | * | |
| cisco | ucs_c220_m5_rack_server | - | |
| cisco | ucs_e160s_m3_firmware | * | |
| cisco | ucs_e160s_m3 | - | |
| cisco | ucs_e180d_m3_firmware | * | |
| cisco | ucs_e180d_m3 | - | |
| cisco | ucs-e1120d-m3_firmware | * | |
| cisco | ucs-e1120d-m3 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:encs_5100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BFE88BB-D139-4118-A301-66381FE360D8",
"versionEndExcluding": "3.2.15.1",
"versionStartIncluding": "3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:encs_5400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50E1F7BF-6F2E-4664-BF11-757645A5F209",
"versionEndExcluding": "3.2.15.1",
"versionStartIncluding": "3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs_c220_m5_rack_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03CC45CE-28B1-4901-859D-98DC10E80B8D",
"versionEndExcluding": "4.3.2.230207",
"versionStartIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_c220_m5_rack_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B92DFE16-D552-4A12-B4EB-7B0713634182",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs_e160s_m3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A589EC14-2996-4D01-9323-696FC51982EB",
"versionEndExcluding": "3.2.15.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_e160s_m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CBB5AD3-0BBA-4908-AEB7-5402AB48E628",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs_e180d_m3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21C26B22-9630-4891-9103-E393060F0D9B",
"versionEndExcluding": "3.2.15.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_e180d_m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C14DE1B6-A8E0-4267-8FE8-45756051ED4C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs-e1120d-m3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DAC4D5D-4AEA-4427-B855-D73E722BC59C",
"versionEndExcluding": "3.2.15.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information."
}
],
"id": "CVE-2023-20228",
"lastModified": "2024-11-21T07:40:56.623",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-16T21:15:09.737",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-UMYtYEtr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-UMYtYEtr"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-80"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-06 13:15
Modified
2024-11-21 05:44
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. This vulnerability is known as an open redirect attack, which is used in phishing attacks to get users to visit malicious sites without their knowledge.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8804FC02-F5DC-467F-AC53-C9E968537E98",
"versionEndExcluding": "3.2\\(12.4\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1B9BD7-4050-4F99-9412-F3E673FED790",
"versionEndIncluding": "4.1\\(3b\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:encs_5100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF04641-9D9A-4FFC-B3AA-A8A4042EB2C9",
"versionEndIncluding": "4.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:encs_5400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "247817B4-D34D-4ED5-8236-E7C36542538C",
"versionEndIncluding": "4.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:c220_m6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB0B1A7-87BD-4594-8F8C-D89E0DF460EC",
"versionEndIncluding": "4.1\\(2f\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:c220_m6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "297A607F-E8CE-4943-BA92-B53585BA683E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:c225_m6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3E0DB28-6093-40BE-BD71-9E9A35F4C107",
"versionEndIncluding": "4.1\\(2f\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:c225_m6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3346CA68-1977-429F-BEF6-7CD165298852",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:c240_m6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D90D18EE-2EC0-4C14-A679-6542ACBC81E6",
"versionEndIncluding": "4.1\\(2f\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:c240_m6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7301A230-B65F-40FB-A4D0-6D9D9B65F4E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:c245_m6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1216C5A1-F429-40E9-B0E1-8ED45ED81B48",
"versionEndIncluding": "4.1\\(2f\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:c245_m6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33A05B60-6E96-4DF8-A607-CC712D0D0A9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:c125_m5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4929AAEB-E6BF-43EB-8C0A-64B4ED82A3B7",
"versionEndIncluding": "4.1\\(2f\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "773F05F8-CF38-4CC8-9FC8-528789073FB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:c220_m5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1BE6F7-B0D0-4224-BB37-E024F2C9715F",
"versionEndIncluding": "4.1\\(2f\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:c220_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5FBE2F-1920-48DC-8377-A4AD8202C123",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:c240_m5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4E9CCA0-1128-48FF-8C97-EF1139C9438E",
"versionEndIncluding": "4.1\\(2f\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:c240_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4570063-4744-4CF0-AC99-14693E639191",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:c480_m5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBB8527A-86C1-4413-AC52-3CB7D72FE120",
"versionEndIncluding": "4.1\\(2f\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:c480_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5717A4D4-9CBB-4A7B-A974-76CABB54B2E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:c480_ml_m5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "533C38A4-64FF-42CA-9649-2FAE80D12CED",
"versionEndIncluding": "4.1\\(2f\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:c480_ml_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB191A5-B7D8-49C3-9CE9-F5CBD506D4C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs-e140s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "727956AA-0627-46B7-8394-E8A218E2A84D",
"versionEndIncluding": "3.2\\(11.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEC2FF1-D0AB-49B1-AB28-D912384F5540",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs-e140d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E10DD81-5526-4C8A-841F-2561740A0457",
"versionEndIncluding": "3.2\\(11.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs-e140d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7BA377-87BD-4330-9A69-0356A4AEE457",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs-e160d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47BEB922-330E-4A84-8079-0AD69E0D25D7",
"versionEndIncluding": "3.2\\(11.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02A9C58E-5148-4671-BA3A-3A7216EC421B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs-e160s-m3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05C2C217-1A58-44CF-8934-05A27DA3650C",
"versionEndIncluding": "3.2\\(11.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs-e180d-m3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA106E3B-870C-442A-AB69-E749196E6A57",
"versionEndIncluding": "3.2\\(11.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs-e1120d-m3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13F12356-BDF4-4EE0-8E85-532BD826D67E",
"versionEndIncluding": "3.2\\(11.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs-e140s-m2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE53EC1B-A239-41BD-A2F6-76F499EA3397",
"versionEndIncluding": "3.2\\(11.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs-e160d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47BEB922-330E-4A84-8079-0AD69E0D25D7",
"versionEndIncluding": "3.2\\(11.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02A9C58E-5148-4671-BA3A-3A7216EC421B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs-e180d-m2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5F0CBEF-1CA7-49D8-B7E2-5EDD2B3FB925",
"versionEndIncluding": "3.2\\(11.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB3E47EB-9C60-4A06-956A-46B5D2E46239",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs-e140s-m1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D49F74E-A2BD-4C55-A236-AEB3E479416D",
"versionEndIncluding": "3.2\\(11.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94805A53-CCA0-4737-939F-1157F557770C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs-e140d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E10DD81-5526-4C8A-841F-2561740A0457",
"versionEndIncluding": "3.2\\(11.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs-e140d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7BA377-87BD-4330-9A69-0356A4AEE457",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs-e140dp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF97AF37-C12A-452F-AD50-581CD5122BBA",
"versionEndIncluding": "3.2\\(11.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs-e140dp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE387668-61D1-459D-9871-C23252EF67D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs-e160d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47BEB922-330E-4A84-8079-0AD69E0D25D7",
"versionEndIncluding": "3.2\\(11.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02A9C58E-5148-4671-BA3A-3A7216EC421B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs-e160dp-m1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDCFE0D-CAF5-4520-AE7B-25F0B66BD7FD",
"versionEndIncluding": "3.2\\(11.5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs-e160dp-m1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67C1D42D-CEFF-4B66-B211-DAEA94D21F6D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ucs_s3260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF6CC866-6832-4F8F-B0B3-6D1A09E2F89B",
"versionEndIncluding": "4.0\\(2o\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. This vulnerability is known as an open redirect attack, which is used in phishing attacks to get users to visit malicious sites without their knowledge."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Integrated Management Controller (IMC), podr\u00eda permitir a un atacante remoto no autenticado redirija a un usuario a una p\u00e1gina web maliciosa.\u0026#xa0;Esta vulnerabilidad es debido a una comprobaci\u00f3n inapropiada de la entrada de los par\u00e1metros en una petici\u00f3n HTTP.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al persuadir a un usuario para que haga clic en un v\u00ednculo dise\u00f1ado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante redirigir a un usuario a un sitio web malicioso.\u0026#xa0;Esta vulnerabilidad es conocida como un ataque de redireccionamiento abierto, que es usado en ataques de phishing para que los usuarios visiten sitios maliciosos sin su conocimiento"
}
],
"id": "CVE-2021-1397",
"lastModified": "2024-11-21T05:44:15.633",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-06T13:15:09.950",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-openred-zAYrU6d2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-openred-zAYrU6d2"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "ykramarz@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-21 19:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to insufficient validation of command input by the affected software. An attacker could exploit this vulnerability by sending malicious commands to the web-based management interface of the affected software. A successful exploit could allow the attacker, with read-only privileges, to inject and execute arbitrary, system-level commands with root privileges on an affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1c\\)hs3:*:*:*:*:*:*:*",
"matchCriteriaId": "39F8601E-730B-489B-AD2A-FD10FAF28595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD570463-F539-47E7-B455-9376BD3EE99D",
"versionEndExcluding": "1.5\\(9g\\)",
"versionStartIncluding": "1.5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "416F7C96-3EF0-4B6D-B414-3FC0D0848144",
"versionEndExcluding": "2.0\\(13o\\)",
"versionStartIncluding": "2.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0056011A-04F0-4185-8EE7-B1B30CAAA863",
"versionEndExcluding": "3.0\\(4k\\)",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59EE9E78-D09E-4069-BC84-ED42E3EE76F1",
"versionEndExcluding": "4.0\\(4b\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D094D51-8F25-430F-99C4-1A734CAA63E4",
"versionEndExcluding": "4.0\\(1d\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9AB71C7-E751-4390-84B0-D88794FE2E5A",
"versionEndExcluding": "4.0\\(2c\\)",
"versionStartIncluding": "4.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to insufficient validation of command input by the affected software. An attacker could exploit this vulnerability by sending malicious commands to the web-based management interface of the affected software. A successful exploit could allow the attacker, with read-only privileges, to inject and execute arbitrary, system-level commands with root privileges on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en la web del software Cisco Integrated Management Controller (IMC) podr\u00eda permitir que un atacante remoto autenticado inyecte comandos arbitrarios que se ejecutan con privilegios de root en un dispositivo afectado. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada de comandos por parte del software afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando comandos maliciosos a la interfaz de administraci\u00f3n basada en web del software afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante, con privilegios de solo lectura, inyectar y ejecutar comandos arbitrarios a nivel de sistema con privilegios de root en un dispositivo afectado."
}
],
"id": "CVE-2019-1864",
"lastModified": "2024-11-21T04:37:33.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-21T19:15:14.357",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1864"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1864"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}