Details of VAR-201804-1022

ID

VAR-201804-1022

CVE

CVE-2018-0194

TITLE

Cisco IOS XE In software OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-003372

DESCRIPTION

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. The vulnerabilities exist because the affected software does not sufficiently sanitize command arguments before passing commands to the Linux shell for execution. An attacker could exploit these vulnerabilities by submitting a malicious CLI command to the affected software. A successful exploit could allow the attacker to break from the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell on an affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCuz03145, CSCuz56419, CSCva31971, CSCvb09542. Cisco IOS XE The software includes OS A command injection vulnerability exists. Vendors have confirmed this vulnerability Bug ID CSCuz03145 , CSCuz56419 , CSCva31971 ,and CSCvb09542 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This may aid in further attacks. CLI parser is one of the command line command parsers

Trust: 2.07

sources: NVD: CVE-2018-0194 // JVNDB: JVNDB-2018-003372 // BID: 103547 // VULHUB: VHN-118396 // VULMON: CVE-2018-0194

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	lt	version:	16.3.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.1.2	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.1.1	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.3.0t	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.2.3	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.2.1	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.1.0	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.3.0	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.2.2	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.1s	Trust: 0.6
vendor:	cisco	model:	ios xe software	scope:	eq	version:	16.2	Trust: 0.3
vendor:	cisco	model:	ios xe software	scope:	eq	version:	16.1	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	16.2	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	16.1.2	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	16.3(0)	Trust: 0.3
vendor:	cisco	model:	ios xe software	scope:	ne	version:	16.3.1	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	16.3.1	Trust: 0.3

sources: BID: 103547 // JVNDB: JVNDB-2018-003372 // CNNVD: CNNVD-201804-083 // NVD: CVE-2018-0194

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0194
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-0194
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201804-083
value:	HIGH
Trust: 0.6
VULHUB:	VHN-118396
value:	HIGH
Trust: 0.1
VULMON:	CVE-2018-0194
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-0194
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-118396
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0194
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-118396 // VULMON: CVE-2018-0194 // JVNDB: JVNDB-2018-003372 // CNNVD: CNNVD-201804-083 // NVD: CVE-2018-0194

PROBLEMTYPE DATA

problemtype:

CWE-78

Trust: 1.9

sources: VULHUB: VHN-118396 // JVNDB: JVNDB-2018-003372 // NVD: CVE-2018-0194

THREAT TYPE

local

Trust: 0.9

sources: BID: 103547 // CNNVD: CNNVD-201804-083

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201804-083

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-003372

PATCH

title:	cisco-sa-20180328-cmdinj	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-cmdinj	Trust: 0.8
title:	Cisco IOS XE Software CLI Resolver for resolver operating system command injection vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=82945	Trust: 0.6
title:	Cisco: Cisco IOS XE Software CLI Command Injection Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180328-cmdinj	Trust: 0.1

sources: VULMON: CVE-2018-0194 // JVNDB: JVNDB-2018-003372 // CNNVD: CNNVD-201804-083

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0194	Trust: 2.9
db:	BID	id:	103547	Trust: 2.1
db:	JVNDB	id:	JVNDB-2018-003372	Trust: 0.8
db:	CNNVD	id:	CNNVD-201804-083	Trust: 0.6
db:	VULHUB	id:	VHN-118396	Trust: 0.1
db:	VULMON	id:	CVE-2018-0194	Trust: 0.1

sources: VULHUB: VHN-118396 // VULMON: CVE-2018-0194 // BID: 103547 // JVNDB: JVNDB-2018-003372 // CNNVD: CNNVD-201804-083 // NVD: CVE-2018-0194

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180328-cmdinj	Trust: 2.2
url:	http://www.securityfocus.com/bid/103547	Trust: 1.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0194	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0194	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/78.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-118396 // VULMON: CVE-2018-0194 // BID: 103547 // JVNDB: JVNDB-2018-003372 // CNNVD: CNNVD-201804-083 // NVD: CVE-2018-0194

CREDITS

Cisco.

Trust: 0.3

sources: BID: 103547

SOURCES

db:	VULHUB	id:	VHN-118396
db:	VULMON	id:	CVE-2018-0194
db:	BID	id:	103547
db:	JVNDB	id:	JVNDB-2018-003372
db:	CNNVD	id:	CNNVD-201804-083
db:	NVD	id:	CVE-2018-0194

LAST UPDATE DATE

2024-11-23T21:53:15.617000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-118396	date:	2019-10-09T00:00:00
db:	VULMON	id:	CVE-2018-0194	date:	2019-10-09T00:00:00
db:	BID	id:	103547	date:	2018-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-003372	date:	2018-05-23T00:00:00
db:	CNNVD	id:	CNNVD-201804-083	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0194	date:	2024-11-21T03:37:42.147

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-118396	date:	2018-04-02T00:00:00
db:	VULMON	id:	CVE-2018-0194	date:	2018-04-02T00:00:00
db:	BID	id:	103547	date:	2018-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-003372	date:	2018-05-23T00:00:00
db:	CNNVD	id:	CNNVD-201804-083	date:	2018-04-03T00:00:00
db:	NVD	id:	CVE-2018-0194	date:	2018-04-02T14:29:00.207