Sign-up

ID

VAR-201810-0586


CVE

CVE-2018-15442


TITLE

Windows for Cisco Webex Meetings Desktop In the application OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-013933

DESCRIPTION

A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this vulnerability by invoking the update service command with a crafted argument. An exploit could allow the attacker to run arbitrary commands with SYSTEM user privileges. While the CVSS Attack Vector metric denotes the requirement for an attacker to have local access, administrators should be aware that in Active Directory deployments, the vulnerability could be exploited remotely by leveraging the operating system remote management tools. This issue being tracked by Cisco Bug ID CSCvk70841. Webex Productivity Tools is a video conference scheduling and management tool. update service is one of the update services

Trust: 1.98

sources: NVD: CVE-2018-15442 // JVNDB: JVNDB-2018-013933 // BID: 105734 // VULHUB: VHN-125702

AFFECTED PRODUCTS

vendor:ciscomodel:webex productivity toolsscope:ltversion:33.0.6

Trust: 1.0

vendor:ciscomodel:webex meetings desktopscope:ltversion:33.6.4

Trust: 1.0

vendor:ciscomodel:webex productivity toolsscope:gteversion:32.6.0

Trust: 1.0

vendor:ciscomodel:webex meetings desktopscope: - version: -

Trust: 0.8

vendor:ciscomodel:webex productivity toolsscope: - version: -

Trust: 0.8

vendor:ciscomodel:webex productivity toolsscope:eqversion:32.6

Trust: 0.3

vendor:ciscomodel:webex productivity toolsscope:eqversion:2.40.5001.10012

Trust: 0.3

vendor:ciscomodel:webex productivity toolsscope:eqversion:2.32.600.15324

Trust: 0.3

vendor:ciscomodel:webex productivity toolsscope:eqversion:2.32

Trust: 0.3

vendor:ciscomodel:webex productivity toolsscope:eqversion:2.23

Trust: 0.3

vendor:ciscomodel:webex productivity toolsscope:eqversion:2.20.2200

Trust: 0.3

vendor:ciscomodel:webex meetings desktop appscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex productivity toolsscope:neversion:33.0.5

Trust: 0.3

vendor:ciscomodel:webex meetings desktop appscope:neversion:33.6

Trust: 0.3

sources: BID: 105734 // JVNDB: JVNDB-2018-013933 // NVD: CVE-2018-15442

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-15442
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2018-15442
value: HIGH

Trust: 1.0

NVD: CVE-2018-15442
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201810-1218
value: HIGH

Trust: 0.6

VULHUB: VHN-125702
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-15442
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-125702
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-15442
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 2.8

sources: VULHUB: VHN-125702 // JVNDB: JVNDB-2018-013933 // CNNVD: CNNVD-201810-1218 // NVD: CVE-2018-15442 // NVD: CVE-2018-15442

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.9

sources: VULHUB: VHN-125702 // JVNDB: JVNDB-2018-013933 // NVD: CVE-2018-15442

THREAT TYPE

local

Trust: 0.9

sources: BID: 105734 // CNNVD: CNNVD-201810-1218

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201810-1218

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-013933

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-125702

PATCH
title:cisco-sa-20181024-webex-injectionurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181024-webex-injection
Trust: 0.8
title:Cisco Webex Meetings Desktop App  and Webex Productivity Tools Fixes for operating system command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86307
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-013933 // 
            
            
            
            CNNVD: CNNVD-201810-1218

EXTERNAL IDS
db:NVDid:CVE-2018-15442
Trust: 2.8
db:EXPLOIT-DBid:45695
Trust: 2.0
db:BIDid:105734
Trust: 2.0
db:EXPLOIT-DBid:45696
Trust: 1.7
db:SECTRACKid:1041942
Trust: 1.7
db:JVNDBid:JVNDB-2018-013933
Trust: 0.8
db:CNNVDid:CNNVD-201810-1218
Trust: 0.7
db:PACKETSTORMid:149945
Trust: 0.1
db:PACKETSTORMid:150495
Trust: 0.1
db:PACKETSTORMid:149946
Trust: 0.1
db:VULHUBid:VHN-125702
Trust: 0.1
sources:
            
            
            VULHUB: VHN-125702 // 
            
            
            
            BID: 105734 // 
            
            
            
            JVNDB: JVNDB-2018-013933 // 
            
            
            
            CNNVD: CNNVD-201810-1218 // 
            
            
            
            NVD: CVE-2018-15442

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181024-webex-injection
Trust: 2.0
url:https://www.exploit-db.com/exploits/45695/
Trust: 2.0
url:http://www.securityfocus.com/bid/105734
Trust: 1.7
url:https://www.exploit-db.com/exploits/45696/
Trust: 1.7
url:http://www.securitytracker.com/id/1041942
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15442
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-15442
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-125702 // 
            
            
            
            BID: 105734 // 
            
            
            
            JVNDB: JVNDB-2018-013933 // 
            
            
            
            CNNVD: CNNVD-201810-1218 // 
            
            
            
            NVD: CVE-2018-15442

CREDITS
Cisco would like to thank Ron Bowes and Jeff McJunkin of Counter Hack for reporting this vulnerability. Cisco would also like to thank the following researchers for independently reporting an additional attack that affected the previously fixed releases: Timothy Ferrell Steven Seeley (mr_me) of Source Incite working with iDefense Labs Marcos Accossatto of SecureAuth Ron Bowes of Counter Hack
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201810-1218

SOURCES
db:VULHUBid:VHN-125702
db:BIDid:105734
db:JVNDBid:JVNDB-2018-013933
db:CNNVDid:CNNVD-201810-1218
db:NVDid:CVE-2018-15442

LAST UPDATE DATE
2024-11-23T22:55:43.361000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-125702date:2019-10-09T00:00:00
db:BIDid:105734date:2018-10-24T00:00:00
db:JVNDBid:JVNDB-2018-013933date:2019-03-06T00:00:00
db:CNNVDid:CNNVD-201810-1218date:2019-10-17T00:00:00
db:NVDid:CVE-2018-15442date:2024-11-21T03:50:48.723

SOURCES RELEASE DATE
db:VULHUBid:VHN-125702date:2018-10-24T00:00:00
db:BIDid:105734date:2018-10-24T00:00:00
db:JVNDBid:JVNDB-2018-013933date:2019-03-06T00:00:00
db:CNNVDid:CNNVD-201810-1218date:2018-10-25T00:00:00
db:NVDid:CVE-2018-15442date:2018-10-24T19:29:00.290