CVE-2019-1755
Published Mar 28, 2019
Last updated 5 years ago
Overview
- Description
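- A vulnerability in the Web Services Management Agent (WSMA) function of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary Cisco IOS commands as a privilege level 15 user. The vulnerability occurs because the affected software does not properly sanitize user-supplied input. An attacker could exploit this vulnerability by submitting crafted HTTP requests to the targeted application. A successful exploit could allow the attacker to execute arbitrary commands on the affected device. Reading this together with the CVSS 3.0 vector below: PR:H means the attacker must already hold high-privilege credentials, while AV:N and UI:N mean the request can arrive over the network with no user interaction. In practice, exposure therefore depends on whether the WSMA function is enabled and reachable over HTTP on the device, and on whether the running release appears in the Configurations list.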
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ios_xe:3.2.0ja:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52BC2A87-31EC-4E15-86E3-ECBEFA9E479A" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.10e:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D92991EE-BB4A-499D-8F14-F7D0E32BE31E" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0ED5527C-A638-4E20-9928-099E32E17743" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A685A9A-235D-4D74-9D6C-AC49E75709CA" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43052998-0A27-4E83-A884-A94701A3F4CE" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89526731-B712-43D3-B451-D7FC503D2D65" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "302933FE-4B6A-48A3-97F0-4B943251B717" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "296636F1-9242-429B-8472-90352C056106" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.1a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77993343-0394-413F-ABF9-C1215E9AD800" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "283971DD-DD58-4A76-AC2A-F316534ED416" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8F324A5-4830-482E-A684-AB3B6594CEAE" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8120196-8648-49D0-8262-CD4C9C90C37A" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33E7CCE2-C685-4019-9B55-B3BECB3E5F76" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.5b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": 
"0699DD6E-BA74-4814-93AB-300329C9D032" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2E2D781-2684-45F1-AC52-636572A0DCA8" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "479FB47B-AF2E-4FCB-8DE0-400BF325666C" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF2B4C78-5C31-4F3D-9639-305E15576E79" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77E8AF15-AB46-4EAB-8872-8C55E8601599" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "957318BE-55D4-4585-AA52-C813301D01C3" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F11B703-8A0F-47ED-AA70-951FF78B94A4" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE7B2557-821D-4E05-B5C3-67192573D97D" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EE6EC32-51E4-43A3-BFB9-A0D842D08E87" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "187F699A-AF2F-42B0-B855-27413140C384" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E0B905E-4D92-4FD6-B2FF-41FF1F59A948" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62EDEC28-661E-42EF-88F0-F62D0220D2E5" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F821EBD7-91E2-4460-BFAF-18482CF6CB8C" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E36D2D24-8F63-46DE-AC5F-8DE33332EBC6" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": 
"C9B825E6-5929-4890-BDBA-4CF4BD2314C9" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "623BF701-ADC9-4F24-93C5-043A6A7FEF5F" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5311FBE-12BF-41AC-B8C6-D86007834863" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52FB055E-72F9-4CB7-A51D-BF096BD1A55D" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4463A1D1-E169-4F0B-91B2-FA126BB444CB" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D97F69C3-CAA6-491C-A0B6-6DC12B5AB472" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CDD58C58-1B0C-4A71-8C02-F555CEF9C253" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1d:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96852D16-AF50-4C70-B125-D2349E6765D7" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1e:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A15B882A-BA60-4932-A55E-F4A798B30EEB" }, { "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C9C585C-A6EC-4385-B915-046C110BF95F" } ], "operator": "OR" } ] } ]