var-201905-0597
Vulnerability from variot
A vulnerability in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attacker who has valid administrator access to an affected device could exploit this vulnerability by supplying a crafted input parameter on a form in the Web UI and then submitting that form. A successful exploit could allow the attacker to run arbitrary commands on the device with root privileges, which may lead to complete system compromise. Cisco's Trust Anchor module (TAm) can be bypassed through manipulating the bitstream of the Field Programmable Gate Array (FPGA). This component handles access control to a hardware component within Cisco's Secure Boot implementations, which affects multiple products that support this functionality. An authenticated, local attacker could bypass the Secure Boot and make persistent changes to the root trust for software integrity. Cisco IOS XE The software contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco IOS XE Software is prone to a remote command-injection vulnerability. The vulnerability stems from the failure of the network system or product to properly validate the input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0597",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "16.3.7"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software denali",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3.7"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#400865"
},
{
"db": "BID",
"id": "108331"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003443"
},
{
"db": "NVD",
"id": "CVE-2019-1862"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-1862"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mr. James Chambers (Security Researcher) of Red Balloon Security,Mr. James Chambers of Red Balloon Security.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-342"
}
],
"trust": 0.6
},
"cve": "CVE-2019-1862",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2019-1862",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-150984",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-1862",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-1862",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-1862",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-342",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-150984",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-150984"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003443"
},
{
"db": "NVD",
"id": "CVE-2019-1862"
},
{
"db": "NVD",
"id": "CVE-2019-1862"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-342"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attacker who has valid administrator access to an affected device could exploit this vulnerability by supplying a crafted input parameter on a form in the Web UI and then submitting that form. A successful exploit could allow the attacker to run arbitrary commands on the device with root privileges, which may lead to complete system compromise. Cisco\u0027s Trust Anchor module (TAm) can be bypassed through manipulating the bitstream of the Field Programmable Gate Array (FPGA). This component handles access control to a hardware component within Cisco\u0027s Secure Boot implementations, which affects multiple products that support this functionality. An authenticated, local attacker could bypass the Secure Boot and make persistent changes to the root trust for software integrity. Cisco IOS XE The software contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco IOS XE Software is prone to a remote command-injection vulnerability. The vulnerability stems from the failure of the network system or product to properly validate the input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-1862"
},
{
"db": "CERT/CC",
"id": "VU#400865"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003443"
},
{
"db": "BID",
"id": "108331"
},
{
"db": "VULHUB",
"id": "VHN-150984"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#400865",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2019-1862",
"trust": 2.8
},
{
"db": "BID",
"id": "108331",
"trust": 2.0
},
{
"db": "JVN",
"id": "JVNVU97735735",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003443",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-342",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.1687",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-150984",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#400865"
},
{
"db": "VULHUB",
"id": "VHN-150984"
},
{
"db": "BID",
"id": "108331"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003443"
},
{
"db": "NVD",
"id": "CVE-2019-1862"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-342"
}
]
},
"id": "VAR-201905-0597",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-150984"
}
],
"trust": 0.72263757
},
"last_update_date": "2023-12-18T12:36:14.743000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20190513-webui",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190513-webui"
},
{
"title": "Cisco IOS XE Software Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=92501"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003443"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-342"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-150984"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003443"
},
{
"db": "NVD",
"id": "CVE-2019-1862"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190513-webui"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/108331"
},
{
"trust": 1.7,
"url": "https://www.kb.cert.org/vuls/id/400865/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1862"
},
{
"trust": 1.1,
"url": "https://www.kb.cert.org/vuls/id/400865"
},
{
"trust": 0.9,
"url": "http://www.cisco.com/"
},
{
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190513-secureboot"
},
{
"trust": 0.8,
"url": "https://thrangrycat.com/"
},
{
"trust": 0.8,
"url": "https://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html"
},
{
"trust": 0.8,
"url": "https://www.cisco.com/c/dam/en_us/about/doing_business/trust-center/docs/trustworthy-technologies-datasheet.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1862"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97735735/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/cisco-ios-xe-shell-command-execution-via-web-ui-29280"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/80794"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#400865"
},
{
"db": "VULHUB",
"id": "VHN-150984"
},
{
"db": "BID",
"id": "108331"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003443"
},
{
"db": "NVD",
"id": "CVE-2019-1862"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-342"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#400865"
},
{
"db": "VULHUB",
"id": "VHN-150984"
},
{
"db": "BID",
"id": "108331"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003443"
},
{
"db": "NVD",
"id": "CVE-2019-1862"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-342"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-14T00:00:00",
"db": "CERT/CC",
"id": "VU#400865"
},
{
"date": "2019-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-150984"
},
{
"date": "2019-05-13T00:00:00",
"db": "BID",
"id": "108331"
},
{
"date": "2019-05-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003443"
},
{
"date": "2019-05-13T20:29:03.007000",
"db": "NVD",
"id": "CVE-2019-1862"
},
{
"date": "2019-05-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-342"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-16T00:00:00",
"db": "CERT/CC",
"id": "VU#400865"
},
{
"date": "2019-05-15T00:00:00",
"db": "VULHUB",
"id": "VHN-150984"
},
{
"date": "2019-05-13T00:00:00",
"db": "BID",
"id": "108331"
},
{
"date": "2019-05-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003443"
},
{
"date": "2019-05-15T15:09:00.257000",
"db": "NVD",
"id": "CVE-2019-1862"
},
{
"date": "2019-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-342"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-342"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Trust Anchor module (TAm) improperly checks code and Cisco IOS XE web UI does not sanitize user input",
"sources": [
{
"db": "CERT/CC",
"id": "VU#400865"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "108331"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-342"
}
],
"trust": 0.9
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.