CVE-2019-1883

Published Aug 21, 2019

Last updated 2 years ago

CVSS high 7.8

Overview

Description: A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input on the command-line interface. An attacker could exploit this vulnerability by authenticating with read-only privileges via the CLI of an affected device and submitting crafted input to the affected commands. A successful exploit could allow an attacker to execute arbitrary commands on the device with root privileges.
Source: ykramarz@cisco.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 3.0

Type: Secondary
Base score: 7
Impact score: 5.9
Exploitability score: 1
Vector string: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-78
ykramarz@cisco.com: CWE-78

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1c\\)hs3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39F8601E-730B-489B-AD2A-FD10FAF28595"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0056011A-04F0-4185-8EE7-B1B30CAAA863",
            "versionEndExcluding": "3.0\\(4k\\)",
            "versionStartIncluding": "3.0.0.0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59EE9E78-D09E-4069-BC84-ED42E3EE76F1",
            "versionEndExcluding": "4.0\\(4b\\)",
            "versionStartIncluding": "4.0.0.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628"
          },
          {
            "criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5549F4C-CF65-4F22-9675-EFAA99964CA0",
            "versionEndExcluding": "4.0\\(2f\\)",
            "versionStartIncluding": "4.0.0.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628"
          },
          {
            "criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3BD31E5A-518C-482F-A926-383ADCC7015E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References