Sign-up

ID

VAR-201810-0350


CVE

CVE-2018-0481


TITLE

Cisco IOS XE Software command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-011574

DESCRIPTION

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected software improperly sanitizes command arguments, failing to prevent access to certain internal data structures on an affected device. An attacker who has privileged EXEC mode (privilege level 15) access to an affected device could exploit these vulnerabilities on the device by executing CLI commands that contain custom arguments. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected device. Cisco IOS XE The software contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco IOSXESoftware is a set of operating systems developed by Cisco for its network devices. CLIparser is one of the command line command parsers. A CLI injection resolver exists in the CLI parser in Cisco IOSXESoftware that caused the affected application to fail to properly filter command parameters. Cisco IOS XE Software is prone to a local command-injection vulnerability because it fails to properly sanitize user-supplied input. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvh54202

Trust: 2.61

sources: NVD: CVE-2018-0481 // JVNDB: JVNDB-2018-011574 // CNVD: CNVD-2018-20299 // BID: 106312 // VULHUB: VHN-118683 // VULMON: CVE-2018-0481

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-20299

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:eqversion:16.7\(1\)

Trust: 1.6

vendor:ciscomodel:ios xescope:eqversion:15.3\(3\)s3.16

Trust: 1.6

vendor:ciscomodel:ios xescope:eqversion:16.7.1

Trust: 1.6

vendor:ciscomodel:ios xescope: - version: -

Trust: 0.8

vendor:ciscomodel:ios xe softwarescope: - version: -

Trust: 0.6

vendor:ciscomodel:ios xe softwarescope:eqversion:0

Trust: 0.3

sources: CNVD: CNVD-2018-20299 // BID: 106312 // JVNDB: JVNDB-2018-011574 // CNNVD: CNNVD-201809-1258 // NVD: CVE-2018-0481

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0481
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-0481
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2018-20299
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201809-1258
value: MEDIUM

Trust: 0.6

VULHUB: VHN-118683
value: HIGH

Trust: 0.1

VULMON: CVE-2018-0481
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-0481
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-20299
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-118683
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0481
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2018-0481
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2018-20299 // VULHUB: VHN-118683 // VULMON: CVE-2018-0481 // JVNDB: JVNDB-2018-011574 // CNNVD: CNNVD-201809-1258 // NVD: CVE-2018-0481

PROBLEMTYPE DATA

problemtype:CWE-77

Trust: 1.9

problemtype:CWE-78

Trust: 1.1

sources: VULHUB: VHN-118683 // JVNDB: JVNDB-2018-011574 // NVD: CVE-2018-0481

THREAT TYPE

local

Trust: 0.9

sources: BID: 106312 // CNNVD: CNNVD-201809-1258

TYPE

command injection

Trust: 0.6

sources: CNNVD: CNNVD-201809-1258

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-011574

PATCH
title:cisco-sa-20180926-iosxe-cmdinjurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-iosxe-cmdinj
Trust: 0.8
title:Patch for Cisco IOSXESoftwareCLI Parser Command Injection Vulnerability (CNVD-2018-20299)url:https://www.cnvd.org.cn/patchInfo/show/141485
Trust: 0.6
title:Cisco IOS XE Software CLI Fixup for parser command injection vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85267
Trust: 0.6
title:Cisco: Cisco IOS XE Software Command Injection Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180926-iosxe-cmdinj
Trust: 0.1
title:VSCANurl:https://github.com/lucabrasi83/vscan 
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-20299 // 
            
            
            
            VULMON: CVE-2018-0481 // 
            
            
            
            JVNDB: JVNDB-2018-011574 // 
            
            
            
            CNNVD: CNNVD-201809-1258

EXTERNAL IDS
db:NVDid:CVE-2018-0481
Trust: 3.5
db:SECTRACKid:1041737
Trust: 1.8
db:JVNDBid:JVNDB-2018-011574
Trust: 0.8
db:CNNVDid:CNNVD-201809-1258
Trust: 0.7
db:CNVDid:CNVD-2018-20299
Trust: 0.6
db:BIDid:106312
Trust: 0.3
db:VULHUBid:VHN-118683
Trust: 0.1
db:VULMONid:CVE-2018-0481
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-20299 // 
            
            
            
            VULHUB: VHN-118683 // 
            
            
            
            VULMON: CVE-2018-0481 // 
            
            
            
            BID: 106312 // 
            
            
            
            JVNDB: JVNDB-2018-011574 // 
            
            
            
            CNNVD: CNNVD-201809-1258 // 
            
            
            
            NVD: CVE-2018-0481

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180926-iosxe-cmdinj
Trust: 2.8
url:http://www.securitytracker.com/id/1041737
Trust: 1.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0481
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-0481
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/78.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://github.com/lucabrasi83/vscan
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-20299 // 
            
            
            
            VULHUB: VHN-118683 // 
            
            
            
            VULMON: CVE-2018-0481 // 
            
            
            
            BID: 106312 // 
            
            
            
            JVNDB: JVNDB-2018-011574 // 
            
            
            
            CNNVD: CNNVD-201809-1258 // 
            
            
            
            NVD: CVE-2018-0481

CREDITS
Cisco.
Trust: 0.3
sources:
            
            
            BID: 106312

SOURCES
db:CNVDid:CNVD-2018-20299
db:VULHUBid:VHN-118683
db:VULMONid:CVE-2018-0481
db:BIDid:106312
db:JVNDBid:JVNDB-2018-011574
db:CNNVDid:CNNVD-201809-1258
db:NVDid:CVE-2018-0481

LAST UPDATE DATE
2024-08-14T13:45:32.578000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-20299date:2018-09-30T00:00:00
db:VULHUBid:VHN-118683date:2020-08-28T00:00:00
db:VULMONid:CVE-2018-0481date:2020-08-28T00:00:00
db:BIDid:106312date:2018-09-26T00:00:00
db:JVNDBid:JVNDB-2018-011574date:2019-01-17T00:00:00
db:CNNVDid:CNNVD-201809-1258date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0481date:2020-08-28T18:48:45.910

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-20299date:2018-09-30T00:00:00
db:VULHUBid:VHN-118683date:2018-10-05T00:00:00
db:VULMONid:CVE-2018-0481date:2018-10-05T00:00:00
db:BIDid:106312date:2018-09-26T00:00:00
db:JVNDBid:JVNDB-2018-011574date:2019-01-17T00:00:00
db:CNNVDid:CNNVD-201809-1258date:2018-09-28T00:00:00
db:NVDid:CVE-2018-0481date:2018-10-05T14:29:05.670