Lucene search

CiscoCVE-2019-1896

HistoryAug 21, 2019 - 7:15 p.m.

CVE-2019-1896

2019-08-2119:15:15

CWE-78

cisco

web.nvd.nist.gov

cisco

imc

vulnerability

authenticated

remote attacker

arbitrary commands

root privileges

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0.004

Percentile

74.6%

JSON

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands and obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input in the Certificate Signing Request (CSR) function of the web-based management interface. An attacker could exploit this vulnerability by submitting a crafted CSR in the web-based management interface. A successful exploit could allow an attacker with administrator privileges to execute arbitrary commands on the device with full root privileges.

Affected configurations

Nvd

Node

ciscounified_computing_systemMatch4.0\(1c\)hs3

Node

ciscointegrated_management_controller_supervisorRange2.0.0.0–2.0\(13o\)

ciscointegrated_management_controller_supervisorRange3.0.0.0–3.0\(4k\)

ciscointegrated_management_controller_supervisorRange4.0.0.0–4.0\(4b\)

AND

ciscoencs_5100Match-

ciscoencs_5400Match-

ciscoucs-e1120d-m3Match-

ciscoucs-e140s-m2Match-

ciscoucs-e160d-m2Match-

ciscoucs-e160s-m3Match-

ciscoucs-e168d-m2Match-

ciscoucs-e180d-m3Match-

ciscoucs_c125_m5Match-

ciscoucs_c4200Match-

ciscoucs_s3260Match-

Node

ciscointegrated_management_controller_supervisorRange4.0.0.0–4.0\(2f\)

AND

ciscoencs_5100Match-

ciscoencs_5400Match-

ciscoucs-e1120d-m3Match-

ciscoucs-e140s-m2Match-

ciscoucs-e160d-m2Match-

ciscoucs-e160s-m3Match-

ciscoucs-e168d-m2Match-

ciscoucs-e180d-m3Match-

ciscoucs_c125_m5Match-

ciscoucs_c4200Match-

ciscoucs_s3260Match-

VendorProductVersionCPE
ciscounified_computing_system4.0(1c)hs3cpe:2.3:a:cisco:unified_computing_system:4.0\(1c\)hs3:*:*:*:*:*:*:*
ciscointegrated_management_controller_supervisor*cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*
ciscoencs_5100-cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*
ciscoencs_5400-cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*
ciscoucs-e1120d-m3-cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*
ciscoucs-e140s-m2-cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*
ciscoucs-e160d-m2-cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*
ciscoucs-e160s-m3-cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*
ciscoucs-e168d-m2-cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*
ciscoucs-e180d-m3-cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unified_computing_system	4.0(1c)hs3	cpe:2.3:a:cisco:unified_computing_system:4.0\(1c\)hs3:::::::*
cisco	integrated_management_controller_supervisor	*	cpe:2.3:a:cisco:integrated_management_controller_supervisor::::::::
cisco	encs_5100	-	cpe:2.3:h:cisco:encs_5100:-:::::::*
cisco	encs_5400	-	cpe:2.3:h:cisco:encs_5400:-:::::::*
cisco	ucs-e1120d-m3	-	cpe:2.3:h:cisco:ucs-e1120d-m3:-:::::::*
cisco	ucs-e140s-m2	-	cpe:2.3:h:cisco:ucs-e140s-m2:-:::::::*
cisco	ucs-e160d-m2	-	cpe:2.3:h:cisco:ucs-e160d-m2:-:::::::*
cisco	ucs-e160s-m3	-	cpe:2.3:h:cisco:ucs-e160s-m3:-:::::::*
cisco	ucs-e168d-m2	-	cpe:2.3:h:cisco:ucs-e168d-m2:-:::::::*
cisco	ucs-e180d-m3	-	cpe:2.3:h:cisco:ucs-e180d-m3:-:::::::*

Rows per page:

1-10 of 131

CNA Affected

[
  {
    "product": "Cisco Unified Computing System E-Series Software (UCSE)",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "3.0(4k)",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinject-1896

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0.004

Percentile

74.6%

JSON

Related for CVE-2019-1896