VAR-201411-0245
Vulnerability from variot - Updated: 2023-12-18 14:01Cisco IOS XE 3.5E and earlier on WS-C3850, WS-C3860, and AIR-CT5760 devices does not properly parse the "request system shell" challenge response, which allows local users to obtain Linux root access by leveraging administrative privilege, aka Bug ID CSCur09815. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. The Cisco IOS XE software has a local security bypass vulnerability that an attacker can use to bypass certain security restrictions and perform unauthorized operations in an affected system environment. This issue is being tracked by Cisco Bug ID CSCur09815. The vulnerability is caused by the program not correctly parsing the 'request system shell' challenge response
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201411-0245",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios xe",
"scope": "lte",
"trust": 1.8,
"vendor": "cisco",
"version": "3.5e"
},
{
"model": "air-ct5760",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "ws-c3850",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "ws-c3860",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "air-ct5760",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ws-c3850",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ws-c3860",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe \u003c=3.5e",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.5e"
},
{
"model": "ios xe software 3.5e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.4sg.2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.4sg.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.4sg.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.3xo.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.3sg.2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.3sg.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.3sg.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.3se.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.3se.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.2xo.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.2xo.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.2sg.5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.2sg.4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.2sg.3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.2sg.2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.2se.3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.2se.2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.2se.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.2se.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.2sg.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.2sg.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.1sg.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08192"
},
{
"db": "BID",
"id": "70968"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005287"
},
{
"db": "NVD",
"id": "CVE-2014-7990"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-109"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.5e",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ws-c3860:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:air-ct5760:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ws-c3850:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-7990"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "70968"
}
],
"trust": 0.3
},
"cve": "CVE-2014-7990",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.8,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2014-7990",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "CNVD-2014-08192",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "VHN-75935",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-7990",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-08192",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201411-109",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-75935",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08192"
},
{
"db": "VULHUB",
"id": "VHN-75935"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005287"
},
{
"db": "NVD",
"id": "CVE-2014-7990"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-109"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS XE 3.5E and earlier on WS-C3850, WS-C3860, and AIR-CT5760 devices does not properly parse the \"request system shell\" challenge response, which allows local users to obtain Linux root access by leveraging administrative privilege, aka Bug ID CSCur09815. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. The Cisco IOS XE software has a local security bypass vulnerability that an attacker can use to bypass certain security restrictions and perform unauthorized operations in an affected system environment. \nThis issue is being tracked by Cisco Bug ID CSCur09815. The vulnerability is caused by the program not correctly parsing the \u0027request system shell\u0027 challenge response",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-7990"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005287"
},
{
"db": "CNVD",
"id": "CNVD-2014-08192"
},
{
"db": "BID",
"id": "70968"
},
{
"db": "VULHUB",
"id": "VHN-75935"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-7990",
"trust": 3.4
},
{
"db": "BID",
"id": "70968",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1031179",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005287",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201411-109",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-08192",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-75935",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08192"
},
{
"db": "VULHUB",
"id": "VHN-75935"
},
{
"db": "BID",
"id": "70968"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005287"
},
{
"db": "NVD",
"id": "CVE-2014-7990"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-109"
}
]
},
"id": "VAR-201411-0245",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08192"
},
{
"db": "VULHUB",
"id": "VHN-75935"
}
],
"trust": 1.32263757
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08192"
}
]
},
"last_update_date": "2023-12-18T14:01:56.594000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco IOS XE Challenge/Response Bypass Vulnerability",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-7990"
},
{
"title": "36351",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=36351"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005287"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-75935"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005287"
},
{
"db": "NVD",
"id": "CVE-2014-7990"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-7990"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=36351"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-7990"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/70968"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031179"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98529"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-7990"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08192"
},
{
"db": "VULHUB",
"id": "VHN-75935"
},
{
"db": "BID",
"id": "70968"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005287"
},
{
"db": "NVD",
"id": "CVE-2014-7990"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-109"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-08192"
},
{
"db": "VULHUB",
"id": "VHN-75935"
},
{
"db": "BID",
"id": "70968"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005287"
},
{
"db": "NVD",
"id": "CVE-2014-7990"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-109"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-11-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08192"
},
{
"date": "2014-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-75935"
},
{
"date": "2014-11-06T00:00:00",
"db": "BID",
"id": "70968"
},
{
"date": "2014-11-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005287"
},
{
"date": "2014-11-07T11:55:03.907000",
"db": "NVD",
"id": "CVE-2014-7990"
},
{
"date": "2014-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-109"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-11-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08192"
},
{
"date": "2017-09-08T00:00:00",
"db": "VULHUB",
"id": "VHN-75935"
},
{
"date": "2014-11-06T00:00:00",
"db": "BID",
"id": "70968"
},
{
"date": "2014-11-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005287"
},
{
"date": "2017-09-08T01:29:19.013000",
"db": "NVD",
"id": "CVE-2014-7990"
},
{
"date": "2014-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-109"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "70968"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-109"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Runs on the device Cisco IOS XE In Linux of root Vulnerability for which access rights are acquired",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005287"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201411-109"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…