CVE-2019-1880

Published Jun 5, 2019

Last updated 5 years ago

CVSS medium 4.4

Overview

Description: A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack Servers could allow an authenticated, local attacker to install compromised BIOS firmware on an affected device. The vulnerability is due to insufficient validation of the firmware image file. An attacker could exploit this vulnerability by executing the BIOS upgrade utility with a specific set of options. A successful exploit could allow the attacker to bypass the firmware signature-verification process and install compromised BIOS firmware on an affected device.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 4.4
Impact score: 3.6
Exploitability score: 0.8
Vector string: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-345
ykramarz@cisco.com: CWE-345

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_server_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C98B6DE4-8759-498A-93CC-B54376EAC099",
            "versionEndExcluding": "4.0\\(2g\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:unified_computing_system_c125_m5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0E940DBA-1F06-479A-B697-0070174EB2F5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_server_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83F54B3E-D792-4971-9EDC-31DA712FAFB9",
            "versionEndExcluding": "3.0\\(4l\\)"
          },
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_server_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CD23D8E-C2E3-4C51-9E8C-58DDC810AEF6",
            "versionEndExcluding": "4.0\\(2g\\)",
            "versionStartIncluding": "4.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:unified_computing_system_c220_m4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C5502506-02DD-43C8-AED7-847C71AFBBBD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_server_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "845FBF06-3662-420A-A096-18EE3DEE18C3",
            "versionEndExcluding": "4.0\\(4c\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:unified_computing_system_c220_m5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4221A779-1C3C-4EA5-980A-4F9BA206824C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_server_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83F54B3E-D792-4971-9EDC-31DA712FAFB9",
            "versionEndExcluding": "3.0\\(4l\\)"
          },
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_server_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CD23D8E-C2E3-4C51-9E8C-58DDC810AEF6",
            "versionEndExcluding": "4.0\\(2g\\)",
            "versionStartIncluding": "4.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:unified_computing_system_c240_m4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "596E83E7-E11F-4BF7-AF79-C1A5805C0580"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_server_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "845FBF06-3662-420A-A096-18EE3DEE18C3",
            "versionEndExcluding": "4.0\\(4c\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:unified_computing_system_c240_m5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A69A9518-AC5F-440D-A3F1-328035D3157C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_server_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83F54B3E-D792-4971-9EDC-31DA712FAFB9",
            "versionEndExcluding": "3.0\\(4l\\)"
          },
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_server_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CD23D8E-C2E3-4C51-9E8C-58DDC810AEF6",
            "versionEndExcluding": "4.0\\(2g\\)",
            "versionStartIncluding": "4.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:unified_computing_system_c460_m4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "326CD3F6-3DC3-4840-811F-6ED353DC5F33"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_server_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "845FBF06-3662-420A-A096-18EE3DEE18C3",
            "versionEndExcluding": "4.0\\(4c\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:unified_computing_system_c480_m5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "51E29763-0766-4AEA-A434-37D48B6FAE08"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References