CVE-2019-1865

Published Aug 21, 2019

Last updated 2 years ago

CVSS high 8.8

Overview

Description: A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by invoking an interface monitoring mechanism with a crafted argument on the affected software. A successful exploit could allow the attacker to inject and execute arbitrary, system-level commands with root privileges on an affected device.
Source: ykramarz@cisco.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 3.0

Type: Secondary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 9
Impact score: 10
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-78
ykramarz@cisco.com: CWE-78

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1c\\)hs3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39F8601E-730B-489B-AD2A-FD10FAF28595"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD570463-F539-47E7-B455-9376BD3EE99D",
            "versionEndExcluding": "1.5\\(9g\\)",
            "versionStartIncluding": "1.5.0.0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "416F7C96-3EF0-4B6D-B414-3FC0D0848144",
            "versionEndExcluding": "2.0\\(13o\\)",
            "versionStartIncluding": "2.0.0.0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0056011A-04F0-4185-8EE7-B1B30CAAA863",
            "versionEndExcluding": "3.0\\(4k\\)",
            "versionStartIncluding": "3.0.0.0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59EE9E78-D09E-4069-BC84-ED42E3EE76F1",
            "versionEndExcluding": "4.0\\(4b\\)",
            "versionStartIncluding": "4.0.0.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628"
          },
          {
            "criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D094D51-8F25-430F-99C4-1A734CAA63E4",
            "versionEndExcluding": "4.0\\(1d\\)",
            "versionStartIncluding": "4.0.0.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628"
          },
          {
            "criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9AB71C7-E751-4390-84B0-D88794FE2E5A",
            "versionEndExcluding": "4.0\\(2c\\)",
            "versionStartIncluding": "4.0.0.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628"
          },
          {
            "criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References