Details of VAR-201803-1385

ID

VAR-201803-1385

CVE

CVE-2018-0169

TITLE

Cisco IOS XE Vulnerability related to authorization, authority, and access control in software

Trust: 0.8

sources: JVNDB: JVNDB-2018-003505

DESCRIPTION

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerabilities are due to the affected software improperly sanitizing command arguments to prevent access to internal data structures on a device. An attacker who has user EXEC mode (privilege level 1) access to an affected device could exploit these vulnerabilities on the device by executing CLI commands that contain crafted arguments. A successful exploit could allow the attacker to gain access to the underlying Linux shell of the affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCtw85441, CSCus42252, CSCuv95370. Cisco IOS XE The software contains vulnerabilities related to authorization, permissions, and access control. Vendors have confirmed this vulnerability Bug ID CSCtw85441 , CSCus42252 ,and CSCuv95370 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco IOSXESoftware is a set of operating systems developed by Cisco for its network devices. CLIparser is one of the command line command parsers. There is an elevation of privilege vulnerability in the CLI parser in Cisco IOSXESoftware. The vulnerability stems from a program failing to properly filter command parameters. This may aid in further attacks

Trust: 2.52

sources: NVD: CVE-2018-0169 // JVNDB: JVNDB-2018-003505 // CNVD: CNVD-2018-08182 // BID: 103567 // VULHUB: VHN-118371

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-08182

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(5.59\)emd	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 1.4
vendor:	cisco	model:	ios xe software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	16.2(0)	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	16.1(0)	Trust: 0.3
vendor:	cisco	model:	ios 15.0 emd	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2018-08182 // BID: 103567 // JVNDB: JVNDB-2018-003505 // CNNVD: CNNVD-201803-1024 // NVD: CVE-2018-0169

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0169
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-0169
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-08182
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201803-1024
value:	HIGH
Trust: 0.6
VULHUB:	VHN-118371
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-0169
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-08182
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118371
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0169
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-08182 // VULHUB: VHN-118371 // JVNDB: JVNDB-2018-003505 // CNNVD: CNNVD-201803-1024 // NVD: CVE-2018-0169

PROBLEMTYPE DATA

problemtype:	CWE-264	Trust: 1.9
problemtype:	CWE-78	Trust: 1.1

sources: VULHUB: VHN-118371 // JVNDB: JVNDB-2018-003505 // NVD: CVE-2018-0169

THREAT TYPE

local

Trust: 0.9

sources: BID: 103567 // CNNVD: CNNVD-201803-1024

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201803-1024

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-003505

PATCH

title:	cisco-sa-20180328-privesc1	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-privesc1	Trust: 0.8
title:	Patch for Cisco IOSXESoftwareCLI Parser Licensing Vulnerability (CNVD-2018-08182)	url:	https://www.cnvd.org.cn/patchInfo/show/126863	Trust: 0.6
title:	Cisco IOS XE Software CLI Fixes for resolver permissions and access control vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79492	Trust: 0.6

sources: CNVD: CNVD-2018-08182 // JVNDB: JVNDB-2018-003505 // CNNVD: CNNVD-201803-1024

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0169	Trust: 3.4
db:	BID	id:	103567	Trust: 2.0
db:	SECTRACK	id:	1040583	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-003505	Trust: 0.8
db:	CNNVD	id:	CNNVD-201803-1024	Trust: 0.7
db:	CNVD	id:	CNVD-2018-08182	Trust: 0.6
db:	VULHUB	id:	VHN-118371	Trust: 0.1

sources: CNVD: CNVD-2018-08182 // VULHUB: VHN-118371 // BID: 103567 // JVNDB: JVNDB-2018-003505 // CNNVD: CNNVD-201803-1024 // NVD: CVE-2018-0169

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180328-privesc1	Trust: 2.6
url:	http://www.securityfocus.com/bid/103567	Trust: 1.7
url:	http://www.securitytracker.com/id/1040583	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0169	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0169	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2018-08182 // VULHUB: VHN-118371 // BID: 103567 // JVNDB: JVNDB-2018-003505 // CNNVD: CNNVD-201803-1024 // NVD: CVE-2018-0169

CREDITS

Cisco.

Trust: 0.3

sources: BID: 103567

SOURCES

db:	CNVD	id:	CNVD-2018-08182
db:	VULHUB	id:	VHN-118371
db:	BID	id:	103567
db:	JVNDB	id:	JVNDB-2018-003505
db:	CNNVD	id:	CNNVD-201803-1024
db:	NVD	id:	CVE-2018-0169

LAST UPDATE DATE

2024-11-23T22:38:15.508000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-08182	date:	2018-04-24T00:00:00
db:	VULHUB	id:	VHN-118371	date:	2019-10-09T00:00:00
db:	BID	id:	103567	date:	2018-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-003505	date:	2018-05-25T00:00:00
db:	CNNVD	id:	CNNVD-201803-1024	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0169	date:	2024-11-21T03:37:39.020

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-08182	date:	2018-04-24T00:00:00
db:	VULHUB	id:	VHN-118371	date:	2018-03-28T00:00:00
db:	BID	id:	103567	date:	2018-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-003505	date:	2018-05-25T00:00:00
db:	CNNVD	id:	CNNVD-201803-1024	date:	2018-03-29T00:00:00
db:	NVD	id:	CVE-2018-0169	date:	2018-03-28T22:29:00.967