cve-2019-12650
Vulnerability from cvelistv5
Published
2019-09-25 20:05
Modified
2024-11-21 19:14
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco IOS XE Software 3.2.11aSG |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:39.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190925 Cisco IOS XE Software Web UI Command Injection Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-12650",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:57:01.417442Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:14:26.806Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software 3.2.11aSG",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-25T20:05:12",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190925 Cisco IOS XE Software Web UI Command Injection Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection"
}
],
"source": {
"advisory": "cisco-sa-20190925-webui-cmd-injection",
"defect": [
[
"CSCvo61821",
"CSCvp78858",
"CSCvp95724"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE Software Web UI Command Injection Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-09-25T16:00:00-0700",
"ID": "CVE-2019-12650",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE Software Web UI Command Injection Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software 3.2.11aSG",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190925 Cisco IOS XE Software Web UI Command Injection Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection"
}
]
},
"source": {
"advisory": "cisco-sa-20190925-webui-cmd-injection",
"defect": [
[
"CSCvo61821",
"CSCvp78858",
"CSCvp95724"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-12650",
"datePublished": "2019-09-25T20:05:12.419865Z",
"dateReserved": "2019-06-04T00:00:00",
"dateUpdated": "2024-11-21T19:14:26.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:16.11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"745B35AC-752A-4782-9B63-EB89F09FF964\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:16.6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D83E34F4-F4DD-49CC-9C95-93F9D4D26B42\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2D2305B-B69E-4F74-A44E-07B3205CE9F7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5AAD4397-6DCF-493A-BD61-3A890F6F3AB2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB9229F3-7BCE-46C4-9879-D57B5BAAE44E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09C913FF-63D5-43FB-8B39-598EF436BA5A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD2794BD-C8CE-46EF-9857-1723FCF04E46\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE7401B7-094C-46EB-9869-2F0372E8B26B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7434059A-25B8-4FAC-A756-6E571348B76E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"858FEECF-CC69-4E68-8E8A-674643021964\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91B9F022-4C3D-493E-9418-E9CDDAFEC9B1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8904EAF5-25E7-4A6B-8117-1859F913B83B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"59A990D6-B748-4AFD-B924-1D19680BD3DB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-48fq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"426B68A6-3A41-43DB-846F-AEFBA62E221B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C96215F-A300-4B4E-9D3A-C32E484BFC5B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"991CBDFB-6836-4D1F-80A9-14EBCE3F855F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC5CB558-BD42-4615-BC31-41CCF25DE5C9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"295C46B4-5E9F-4DD8-861B-00BA43923306\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F840171D-CA1C-4E25-BD41-6B871C47BB84\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47E4D5A8-7E4A-44C5-81DC-84712781206D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35490BDE-DF21-495E-9F8A-7631FCB32A1F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20EFB5B8-4A38-48C5-A363-3C7F7763C1D5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B9ED0E5-CB20-4106-9CF2-8EB587B33543\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B0E620C-8E09-4F7C-A326-26013173B993\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF93F1C8-669F-4ECB-8D81-ECDA7B550175\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E0BA345-B7D7-4975-9199-4DC7875BBFD0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA0BC769-C244-41BD-BE80-E67F4E1CDDA4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200-24p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18736C74-F68F-4D0B-AE2B-4BC1834EF794\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200-24t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D223C2AB-22A4-42B5-8BBB-78E2CBF23B40\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200-48p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDD3EAA2-8F25-4099-B76F-5ACC3BE34610\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200-48t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE9BD57F-BDAC-46DD-AF87-8914B29670F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFCEBFFC-DD60-4CB1-A7F2-9AC09977BA4F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9F7B21F-1DAA-45C7-8C24-D3A19F1C5459\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C4F9918-E075-4F78-AFD7-0BB7FA97C1F6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7E00A0B-A58E-472F-B107-0FE106751F2D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCB45406-5216-4A11-B8D3-C44639DC26B0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"215D01AE-3767-482A-85C5-3361506F0AC3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A06E37A8-166F-4534-9089-D20B1227F4DD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9D6DAE3-BAD0-46D8-B899-45B955F532F7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"327167E8-4B65-4F9D-8760-34CDA03887CA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0DA2253-C6A9-4749-B313-6552628A96F3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C925086A-94B9-4FE0-9FEB-3242C1217453\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EB14B34-4035-41D2-834B-7FB069264207\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-24p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F257D2BE-7618-4B6A-AFCE-6D9D0084FA1D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-24s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BA927CE-9D8E-4BC0-9EA6-641E7C4F71B3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-24t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A46D298-1685-410E-879C-2EBC45C185AC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-24u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA4ACF54-E576-4D8A-A4E6-17A37EEC53DA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-24ux:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"196A7C06-8371-479D-973D-591DEB181739\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE42511E-9883-4779-A8E5-FC3E16EF2793\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB06AD21-91A7-46B8-8F44-683828A5422D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DA169AF-3743-4051-B63B-FF6E1ADCD886\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D13CF5B-4482-4C7D-8D6A-E220F3E4F868\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48un:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92134C0A-4E5B-43EF-8439-484DF504C43C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26ECF9BD-F632-4A02-8993-C0D44B91289C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48730DB5-94AF-4BE7-8047-52B8B47CE35A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3A88142-3284-4C25-8774-36004B5F9087\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8EB76311-4B6D-4897-A683-4244E92BD570\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDDA2975-CDB7-4182-A03E-D34F15CDF6F1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35B9D0B5-4BE1-490E-9A68-00A3D357BC3D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71FA2F5A-6146-4142-96A8-552118E4BB67\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BEF786D6-F28F-49D8-A15C-BFD0AA934355\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA32B0AC-1B0A-4ED8-8532-9C7BE6E059D4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-12q:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BFEE45F-C5AC-483D-9DE6-4CEB98D80A0C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-16x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD6F5BBC-4627-4A3E-B827-3CEE7EE969D0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-24q:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B2E41E2-00CE-42C4-8C91-9307D76F5D7A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98CB2D23-B5F8-4FA9-8431-3B0124CE2140\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-32c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8A8BA9F-3361-43CD-8031-A5DF0AD68BEB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-32qc:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DFE4BB6-FC9A-42B3-B8A0-2610D71BB9B8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-40x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53D13F1D-345D-45D5-9000-DAFE8A85D71B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8CFB064E-E390-47B5-AA76-5D3D2E368055\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:integrated_services_virtual_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5361C70A-C036-4254-9698-BC58F48C465B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E306B09C-CB48-4067-B60C-5F738555EEAC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7434059A-25B8-4FAC-A756-6E571348B76E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"858FEECF-CC69-4E68-8E8A-674643021964\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91B9F022-4C3D-493E-9418-E9CDDAFEC9B1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8904EAF5-25E7-4A6B-8117-1859F913B83B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"59A990D6-B748-4AFD-B924-1D19680BD3DB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-48fq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"426B68A6-3A41-43DB-846F-AEFBA62E221B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C96215F-A300-4B4E-9D3A-C32E484BFC5B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"991CBDFB-6836-4D1F-80A9-14EBCE3F855F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC5CB558-BD42-4615-BC31-41CCF25DE5C9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"295C46B4-5E9F-4DD8-861B-00BA43923306\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F840171D-CA1C-4E25-BD41-6B871C47BB84\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47E4D5A8-7E4A-44C5-81DC-84712781206D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35490BDE-DF21-495E-9F8A-7631FCB32A1F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20EFB5B8-4A38-48C5-A363-3C7F7763C1D5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200-24p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18736C74-F68F-4D0B-AE2B-4BC1834EF794\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200-24t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D223C2AB-22A4-42B5-8BBB-78E2CBF23B40\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200-48p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDD3EAA2-8F25-4099-B76F-5ACC3BE34610\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200-48t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE9BD57F-BDAC-46DD-AF87-8914B29670F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFCEBFFC-DD60-4CB1-A7F2-9AC09977BA4F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9F7B21F-1DAA-45C7-8C24-D3A19F1C5459\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C4F9918-E075-4F78-AFD7-0BB7FA97C1F6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7E00A0B-A58E-472F-B107-0FE106751F2D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCB45406-5216-4A11-B8D3-C44639DC26B0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"215D01AE-3767-482A-85C5-3361506F0AC3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A06E37A8-166F-4534-9089-D20B1227F4DD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9D6DAE3-BAD0-46D8-B899-45B955F532F7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"327167E8-4B65-4F9D-8760-34CDA03887CA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0DA2253-C6A9-4749-B313-6552628A96F3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C925086A-94B9-4FE0-9FEB-3242C1217453\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EB14B34-4035-41D2-834B-7FB069264207\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-24p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F257D2BE-7618-4B6A-AFCE-6D9D0084FA1D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-24s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BA927CE-9D8E-4BC0-9EA6-641E7C4F71B3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-24t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A46D298-1685-410E-879C-2EBC45C185AC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-24u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA4ACF54-E576-4D8A-A4E6-17A37EEC53DA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-24ux:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"196A7C06-8371-479D-973D-591DEB181739\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE42511E-9883-4779-A8E5-FC3E16EF2793\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB06AD21-91A7-46B8-8F44-683828A5422D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DA169AF-3743-4051-B63B-FF6E1ADCD886\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D13CF5B-4482-4C7D-8D6A-E220F3E4F868\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48un:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92134C0A-4E5B-43EF-8439-484DF504C43C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26ECF9BD-F632-4A02-8993-C0D44B91289C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48730DB5-94AF-4BE7-8047-52B8B47CE35A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3A88142-3284-4C25-8774-36004B5F9087\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8EB76311-4B6D-4897-A683-4244E92BD570\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDDA2975-CDB7-4182-A03E-D34F15CDF6F1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35B9D0B5-4BE1-490E-9A68-00A3D357BC3D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71FA2F5A-6146-4142-96A8-552118E4BB67\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BEF786D6-F28F-49D8-A15C-BFD0AA934355\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA32B0AC-1B0A-4ED8-8532-9C7BE6E059D4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-12q:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BFEE45F-C5AC-483D-9DE6-4CEB98D80A0C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-16x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD6F5BBC-4627-4A3E-B827-3CEE7EE969D0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-24q:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B2E41E2-00CE-42C4-8C91-9307D76F5D7A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98CB2D23-B5F8-4FA9-8431-3B0124CE2140\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-32c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8A8BA9F-3361-43CD-8031-A5DF0AD68BEB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-32qc:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DFE4BB6-FC9A-42B3-B8A0-2610D71BB9B8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-40x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53D13F1D-345D-45D5-9000-DAFE8A85D71B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8CFB064E-E390-47B5-AA76-5D3D2E368055\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:cloud_services_router_1000v:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CCB8270-A01D-40A6-BF4B-26BAF65E68F3\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples vulnerabilidades en la interfaz de usuario basada en web (UI web) del software Cisco IOS XE, podr\\u00edan permitir a un atacante remoto autenticado ejecutar comandos con privilegios elevados en el dispositivo afectado. Para m\\u00e1s informaci\\u00f3n sobre estas vulnerabilidades, consulte la secci\\u00f3n de Detalles de este aviso.\"}]",
"id": "CVE-2019-12650",
"lastModified": "2024-11-21T04:23:15.763",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV30\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H\", \"baseScore\": 7.6, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 4.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:C/A:C\", \"baseScore\": 9.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2019-09-25T20:15:10.650",
"references": "[{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-77\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-12650\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2019-09-25T20:15:10.650\",\"lastModified\":\"2024-11-21T04:23:15.763\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades en la interfaz de usuario basada en web (UI web) del software Cisco IOS XE, podr\u00edan permitir a un atacante remoto autenticado ejecutar comandos con privilegios elevados en el dispositivo afectado. Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n de Detalles de este aviso.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H\",\"baseScore\":7.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":4.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:16.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"745B35AC-752A-4782-9B63-EB89F09FF964\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D83E34F4-F4DD-49CC-9C95-93F9D4D26B42\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2D2305B-B69E-4F74-A44E-07B3205CE9F7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AAD4397-6DCF-493A-BD61-3A890F6F3AB2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB9229F3-7BCE-46C4-9879-D57B5BAAE44E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09C913FF-63D5-43FB-8B39-598EF436BA5A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD2794BD-C8CE-46EF-9857-1723FCF04E46\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE7401B7-094C-46EB-9869-2F0372E8B26B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7434059A-25B8-4FAC-A756-6E571348B76E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"858FEECF-CC69-4E68-8E8A-674643021964\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91B9F022-4C3D-493E-9418-E9CDDAFEC9B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8904EAF5-25E7-4A6B-8117-1859F913B83B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59A990D6-B748-4AFD-B924-1D19680BD3DB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-48fq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"426B68A6-3A41-43DB-846F-AEFBA62E221B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C96215F-A300-4B4E-9D3A-C32E484BFC5B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"991CBDFB-6836-4D1F-80A9-14EBCE3F855F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5CB558-BD42-4615-BC31-41CCF25DE5C9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"295C46B4-5E9F-4DD8-861B-00BA43923306\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F840171D-CA1C-4E25-BD41-6B871C47BB84\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47E4D5A8-7E4A-44C5-81DC-84712781206D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35490BDE-DF21-495E-9F8A-7631FCB32A1F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20EFB5B8-4A38-48C5-A363-3C7F7763C1D5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B9ED0E5-CB20-4106-9CF2-8EB587B33543\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B0E620C-8E09-4F7C-A326-26013173B993\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF93F1C8-669F-4ECB-8D81-ECDA7B550175\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E0BA345-B7D7-4975-9199-4DC7875BBFD0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA0BC769-C244-41BD-BE80-E67F4E1CDDA4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200-24p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18736C74-F68F-4D0B-AE2B-4BC1834EF794\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200-24t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D223C2AB-22A4-42B5-8BBB-78E2CBF23B40\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200-48p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDD3EAA2-8F25-4099-B76F-5ACC3BE34610\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200-48t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE9BD57F-BDAC-46DD-AF87-8914B29670F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFCEBFFC-DD60-4CB1-A7F2-9AC09977BA4F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9F7B21F-1DAA-45C7-8C24-D3A19F1C5459\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C4F9918-E075-4F78-AFD7-0BB7FA97C1F6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7E00A0B-A58E-472F-B107-0FE106751F2D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCB45406-5216-4A11-B8D3-C44639DC26B0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"215D01AE-3767-482A-85C5-3361506F0AC3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A06E37A8-166F-4534-9089-D20B1227F4DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9D6DAE3-BAD0-46D8-B899-45B955F532F7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"327167E8-4B65-4F9D-8760-34CDA03887CA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0DA2253-C6A9-4749-B313-6552628A96F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C925086A-94B9-4FE0-9FEB-3242C1217453\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EB14B34-4035-41D2-834B-7FB069264207\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-24p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F257D2BE-7618-4B6A-AFCE-6D9D0084FA1D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-24s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BA927CE-9D8E-4BC0-9EA6-641E7C4F71B3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-24t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A46D298-1685-410E-879C-2EBC45C185AC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-24u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA4ACF54-E576-4D8A-A4E6-17A37EEC53DA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-24ux:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"196A7C06-8371-479D-973D-591DEB181739\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE42511E-9883-4779-A8E5-FC3E16EF2793\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB06AD21-91A7-46B8-8F44-683828A5422D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DA169AF-3743-4051-B63B-FF6E1ADCD886\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D13CF5B-4482-4C7D-8D6A-E220F3E4F868\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48un:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92134C0A-4E5B-43EF-8439-484DF504C43C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26ECF9BD-F632-4A02-8993-C0D44B91289C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48730DB5-94AF-4BE7-8047-52B8B47CE35A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3A88142-3284-4C25-8774-36004B5F9087\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EB76311-4B6D-4897-A683-4244E92BD570\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDA2975-CDB7-4182-A03E-D34F15CDF6F1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35B9D0B5-4BE1-490E-9A68-00A3D357BC3D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71FA2F5A-6146-4142-96A8-552118E4BB67\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEF786D6-F28F-49D8-A15C-BFD0AA934355\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA32B0AC-1B0A-4ED8-8532-9C7BE6E059D4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-12q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BFEE45F-C5AC-483D-9DE6-4CEB98D80A0C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-16x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD6F5BBC-4627-4A3E-B827-3CEE7EE969D0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-24q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B2E41E2-00CE-42C4-8C91-9307D76F5D7A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98CB2D23-B5F8-4FA9-8431-3B0124CE2140\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-32c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8A8BA9F-3361-43CD-8031-A5DF0AD68BEB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-32qc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DFE4BB6-FC9A-42B3-B8A0-2610D71BB9B8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-40x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53D13F1D-345D-45D5-9000-DAFE8A85D71B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CFB064E-E390-47B5-AA76-5D3D2E368055\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:integrated_services_virtual_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5361C70A-C036-4254-9698-BC58F48C465B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E306B09C-CB48-4067-B60C-5F738555EEAC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7434059A-25B8-4FAC-A756-6E571348B76E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"858FEECF-CC69-4E68-8E8A-674643021964\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91B9F022-4C3D-493E-9418-E9CDDAFEC9B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8904EAF5-25E7-4A6B-8117-1859F913B83B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59A990D6-B748-4AFD-B924-1D19680BD3DB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-48fq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"426B68A6-3A41-43DB-846F-AEFBA62E221B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C96215F-A300-4B4E-9D3A-C32E484BFC5B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"991CBDFB-6836-4D1F-80A9-14EBCE3F855F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5CB558-BD42-4615-BC31-41CCF25DE5C9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"295C46B4-5E9F-4DD8-861B-00BA43923306\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F840171D-CA1C-4E25-BD41-6B871C47BB84\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47E4D5A8-7E4A-44C5-81DC-84712781206D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35490BDE-DF21-495E-9F8A-7631FCB32A1F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20EFB5B8-4A38-48C5-A363-3C7F7763C1D5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200-24p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18736C74-F68F-4D0B-AE2B-4BC1834EF794\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200-24t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D223C2AB-22A4-42B5-8BBB-78E2CBF23B40\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200-48p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDD3EAA2-8F25-4099-B76F-5ACC3BE34610\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200-48t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE9BD57F-BDAC-46DD-AF87-8914B29670F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFCEBFFC-DD60-4CB1-A7F2-9AC09977BA4F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9F7B21F-1DAA-45C7-8C24-D3A19F1C5459\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C4F9918-E075-4F78-AFD7-0BB7FA97C1F6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7E00A0B-A58E-472F-B107-0FE106751F2D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCB45406-5216-4A11-B8D3-C44639DC26B0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"215D01AE-3767-482A-85C5-3361506F0AC3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A06E37A8-166F-4534-9089-D20B1227F4DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9D6DAE3-BAD0-46D8-B899-45B955F532F7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"327167E8-4B65-4F9D-8760-34CDA03887CA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0DA2253-C6A9-4749-B313-6552628A96F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C925086A-94B9-4FE0-9FEB-3242C1217453\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EB14B34-4035-41D2-834B-7FB069264207\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-24p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F257D2BE-7618-4B6A-AFCE-6D9D0084FA1D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-24s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BA927CE-9D8E-4BC0-9EA6-641E7C4F71B3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-24t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A46D298-1685-410E-879C-2EBC45C185AC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-24u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA4ACF54-E576-4D8A-A4E6-17A37EEC53DA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-24ux:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"196A7C06-8371-479D-973D-591DEB181739\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE42511E-9883-4779-A8E5-FC3E16EF2793\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB06AD21-91A7-46B8-8F44-683828A5422D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DA169AF-3743-4051-B63B-FF6E1ADCD886\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D13CF5B-4482-4C7D-8D6A-E220F3E4F868\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48un:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92134C0A-4E5B-43EF-8439-484DF504C43C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26ECF9BD-F632-4A02-8993-C0D44B91289C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48730DB5-94AF-4BE7-8047-52B8B47CE35A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3A88142-3284-4C25-8774-36004B5F9087\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EB76311-4B6D-4897-A683-4244E92BD570\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDA2975-CDB7-4182-A03E-D34F15CDF6F1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35B9D0B5-4BE1-490E-9A68-00A3D357BC3D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71FA2F5A-6146-4142-96A8-552118E4BB67\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEF786D6-F28F-49D8-A15C-BFD0AA934355\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA32B0AC-1B0A-4ED8-8532-9C7BE6E059D4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-12q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BFEE45F-C5AC-483D-9DE6-4CEB98D80A0C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-16x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD6F5BBC-4627-4A3E-B827-3CEE7EE969D0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-24q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B2E41E2-00CE-42C4-8C91-9307D76F5D7A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98CB2D23-B5F8-4FA9-8431-3B0124CE2140\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-32c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8A8BA9F-3361-43CD-8031-A5DF0AD68BEB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-32qc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DFE4BB6-FC9A-42B3-B8A0-2610D71BB9B8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-40x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53D13F1D-345D-45D5-9000-DAFE8A85D71B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CFB064E-E390-47B5-AA76-5D3D2E368055\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:cloud_services_router_1000v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CCB8270-A01D-40A6-BF4B-26BAF65E68F3\"}]}]}],\"references\":[{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection\", \"name\": \"20190925 Cisco IOS XE Software Web UI Command Injection Vulnerabilities\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T23:24:39.291Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-12650\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-21T18:57:01.417442Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-21T18:58:24.254Z\"}}], \"cna\": {\"title\": \"Cisco IOS XE Software Web UI Command Injection Vulnerabilities\", \"source\": {\"defect\": [[\"CSCvo61821\", \"CSCvp78858\", \"CSCvp95724\"]], \"advisory\": \"cisco-sa-20190925-webui-cmd-injection\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"UNCHANGED\", \"version\": \"3.0\", \"baseScore\": 7.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco IOS XE Software 3.2.11aSG\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"n/a\", \"versionType\": \"custom\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"datePublic\": \"2019-09-25T00:00:00\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection\", \"name\": \"20190925 Cisco IOS XE Software Web UI Command Injection Vulnerabilities\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-77\", \"description\": \"CWE-77\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2019-09-25T20:05:12\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"7.6\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H\"}}, \"source\": {\"defect\": [[\"CSCvo61821\", \"CSCvp78858\", \"CSCvp95724\"]], \"advisory\": \"cisco-sa-20190925-webui-cmd-injection\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"affected\": \"\u003c\", \"version_value\": \"n/a\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"Cisco IOS XE Software 3.2.11aSG\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection\", \"name\": \"20190925 Cisco IOS XE Software Web UI Command Injection Vulnerabilities\", \"refsource\": \"CISCO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-77\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2019-12650\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco IOS XE Software Web UI Command Injection Vulnerabilities\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2019-09-25T16:00:00-0700\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2019-12650\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-21T19:14:26.806Z\", \"dateReserved\": \"2019-06-04T00:00:00\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2019-09-25T20:05:12.419865Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.