Details of VAR-201806-1034

ID

VAR-201806-1034

CVE

CVE-2018-0274

TITLE

Cisco Network Services Orchestrator Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-006126

DESCRIPTION

A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting malicious arguments into vulnerable commands. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected system. This vulnerability affects the following releases of Cisco Network Services Orchestrator (NSO): 4.1 through 4.1.6.0, 4.2 through 4.2.4.0, 4.3 through 4.3.3.0, 4.4 through 4.4.2.0. Cisco Bug IDs: CSCvf99982. Vendors have confirmed this vulnerability Bug ID CSCvf99982 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Network Services Orchestrator 4.1 through 4.1.6.0, 4.2 through 4.2.4.0, 4.3 through 4.3.3.0, and 4.4 through 4.4.2.0. CLI parser is one of the command line command parsers

Trust: 1.98

sources: NVD: CVE-2018-0274 // JVNDB: JVNDB-2018-006126 // BID: 104449 // VULHUB: VHN-118476

AFFECTED PRODUCTS

vendor:	cisco	model:	network services orchestrator	scope:	gte	version:	4.4	Trust: 1.0
vendor:	cisco	model:	network services orchestrator	scope:	gte	version:	4.2	Trust: 1.0
vendor:	cisco	model:	network services orchestrator	scope:	gte	version:	4.1	Trust: 1.0
vendor:	cisco	model:	network services orchestrator	scope:	lte	version:	4.2.4.0	Trust: 1.0
vendor:	cisco	model:	network services orchestrator	scope:	lte	version:	4.1.6.0	Trust: 1.0
vendor:	cisco	model:	network services orchestrator	scope:	lte	version:	4.4.2.0	Trust: 1.0
vendor:	cisco	model:	network services orchestrator	scope:	gte	version:	4.3	Trust: 1.0
vendor:	cisco	model:	network services orchestrator	scope:	lte	version:	4.3.3.0	Trust: 1.0
vendor:	cisco	model:	network services orchestrator	scope:	eq	version:	4.1.6.0 for up to 4.1	Trust: 0.8
vendor:	cisco	model:	network services orchestrator	scope:	eq	version:	4.2.4.0 for up to 4.2	Trust: 0.8
vendor:	cisco	model:	network services orchestrator	scope:	eq	version:	4.3.3.0 for up to 4.3	Trust: 0.8
vendor:	cisco	model:	network services orchestrator	scope:	eq	version:	4.4.2.0 for up to 4.4	Trust: 0.8
vendor:	cisco	model:	network services orchestrator	scope:	eq	version:	4.4.2.0	Trust: 0.3
vendor:	cisco	model:	network services orchestrator	scope:	eq	version:	4.4	Trust: 0.3
vendor:	cisco	model:	network services orchestrator	scope:	eq	version:	4.3.3.0	Trust: 0.3
vendor:	cisco	model:	network services orchestrator	scope:	eq	version:	4.3	Trust: 0.3
vendor:	cisco	model:	network services orchestrator	scope:	eq	version:	4.2.4.0	Trust: 0.3
vendor:	cisco	model:	network services orchestrator	scope:	eq	version:	4.2	Trust: 0.3
vendor:	cisco	model:	network services orchestrator	scope:	eq	version:	4.1.6.0	Trust: 0.3
vendor:	cisco	model:	network services orchestrator	scope:	eq	version:	4.1	Trust: 0.3
vendor:	cisco	model:	network services orchestrator	scope:	ne	version:	4.4.2.1	Trust: 0.3
vendor:	cisco	model:	network services orchestrator	scope:	ne	version:	4.3.3.1	Trust: 0.3
vendor:	cisco	model:	network services orchestrator	scope:	ne	version:	4.2.4.1	Trust: 0.3
vendor:	cisco	model:	network services orchestrator	scope:	ne	version:	4.1.6.1	Trust: 0.3

sources: BID: 104449 // JVNDB: JVNDB-2018-006126 // NVD: CVE-2018-0274

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0274
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-0274
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201806-402
value:	HIGH
Trust: 0.6
VULHUB:	VHN-118476
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-0274
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-118476
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0274
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2018-0274
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-118476 // JVNDB: JVNDB-2018-006126 // CNNVD: CNNVD-201806-402 // NVD: CVE-2018-0274

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.1
problemtype:	CWE-78	Trust: 1.1
problemtype:	CWE-77	Trust: 0.9

sources: VULHUB: VHN-118476 // JVNDB: JVNDB-2018-006126 // NVD: CVE-2018-0274

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-402

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201806-402

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-006126

PATCH

title:	cisco-sa-20180606-nso	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-nso	Trust: 0.8
title:	Cisco Network Services Orchestrator CLI Parser input validation vulnerability fixes	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80749	Trust: 0.6

sources: JVNDB: JVNDB-2018-006126 // CNNVD: CNNVD-201806-402

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0274	Trust: 2.8
db:	BID	id:	104449	Trust: 2.0
db:	JVNDB	id:	JVNDB-2018-006126	Trust: 0.8
db:	CNNVD	id:	CNNVD-201806-402	Trust: 0.7
db:	VULHUB	id:	VHN-118476	Trust: 0.1

sources: VULHUB: VHN-118476 // BID: 104449 // JVNDB: JVNDB-2018-006126 // CNNVD: CNNVD-201806-402 // NVD: CVE-2018-0274

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180606-nso	Trust: 2.0
url:	http://www.securityfocus.com/bid/104449	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0274	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0274	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-118476 // BID: 104449 // JVNDB: JVNDB-2018-006126 // CNNVD: CNNVD-201806-402 // NVD: CVE-2018-0274

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 104449

SOURCES

db:	VULHUB	id:	VHN-118476
db:	BID	id:	104449
db:	JVNDB	id:	JVNDB-2018-006126
db:	CNNVD	id:	CNNVD-201806-402
db:	NVD	id:	CVE-2018-0274

LAST UPDATE DATE

2024-11-23T23:08:39.171000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-118476	date:	2020-09-04T00:00:00
db:	BID	id:	104449	date:	2018-06-06T00:00:00
db:	JVNDB	id:	JVNDB-2018-006126	date:	2018-08-07T00:00:00
db:	CNNVD	id:	CNNVD-201806-402	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0274	date:	2024-11-21T03:37:52.380

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-118476	date:	2018-06-07T00:00:00
db:	BID	id:	104449	date:	2018-06-06T00:00:00
db:	JVNDB	id:	JVNDB-2018-006126	date:	2018-08-07T00:00:00
db:	CNNVD	id:	CNNVD-201806-402	date:	2018-06-08T00:00:00
db:	NVD	id:	CVE-2018-0274	date:	2018-06-07T12:29:00.340