Details of VAR-201811-0177

ID

VAR-201811-0177

CVE

CVE-2018-15439

TITLE

Cisco Small Business Switches Vulnerability in the use of hard-coded credentials in software

Trust: 0.8

sources: JVNDB: JVNDB-2018-011646

DESCRIPTION

A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a privileged user account without notifying administrators of the system. An attacker could exploit this vulnerability by using this account to log in to an affected device and execute commands with full admin rights. Cisco has not released software updates that address this vulnerability. This advisory will be updated with fixed software information once fixed software becomes available. There is a workaround to address this vulnerability. CiscoSmallBusiness200SeriesSmartSwitches are small smart switch devices from Cisco. SmallBusinessSwitchesSoftware is a set of switch software that runs on it. This issue is being tracked by Cisco bugs CSCvk20713 and CSCvm11846

Trust: 2.61

sources: NVD: CVE-2018-15439 // JVNDB: JVNDB-2018-011646 // CNVD: CNVD-2019-00343 // BID: 105873 // VULHUB: VHN-125698 // VULMON: CVE-2018-15439

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-00343

AFFECTED PRODUCTS

vendor:	cisco	model:	sg250-50hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350xg-2f10	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-52p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-52p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10sfp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-10	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-52mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-24mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-18	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-10fp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-28mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-52	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-26	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350xg-24t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-08p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-20	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-18	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500xg-8f8t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-48hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-28mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg355-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sx550x-52	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-26p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-26	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf302-08mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sx550x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf302-08mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sx550x-24ft	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-50p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-28mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350xg-48t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-08hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-24pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-28	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-28p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-48pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-28pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-28	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-50	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sx550x-12f	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf302-08pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-10mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-50	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sx550x-16ft	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-52	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350xg-24f	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-50fp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-26fp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf302-08p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-52mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-26hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sx550x-24f	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-28p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf302-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-28p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-50p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-28	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200-24fp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-26p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	series managed switches	scope:	eq	version:	3500	Trust: 0.9
vendor:	cisco	model:	small business switches	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	series stackable managed switches	scope:	eq	version:	550x	Trust: 0.6
vendor:	cisco	model:	small business series managed switches	scope:	eq	version:	300	Trust: 0.6
vendor:	cisco	model:	series stackable managed switches	scope:	eq	version:	350x	Trust: 0.6
vendor:	cisco	model:	series smart switches	scope:	eq	version:	250	Trust: 0.6
vendor:	cisco	model:	small business series stackable managed switches	scope:	eq	version:	500	Trust: 0.6
vendor:	cisco	model:	small business series smart switches	scope:	eq	version:	200	Trust: 0.6
vendor:	cisco	model:	small business switches	scope:	eq	version:	-	Trust: 0.6
vendor:	cisco	model:	small business series stackable managed switch	scope:	eq	version:	5000	Trust: 0.3
vendor:	cisco	model:	small business series managed switches	scope:	eq	version:	3000	Trust: 0.3
vendor:	cisco	model:	small business series smart switches	scope:	eq	version:	2000	Trust: 0.3
vendor:	cisco	model:	series stackable managed switches	scope:	eq	version:	550x0	Trust: 0.3
vendor:	cisco	model:	series stackable managed switches	scope:	eq	version:	350x0	Trust: 0.3
vendor:	cisco	model:	series smart switches	scope:	eq	version:	2500	Trust: 0.3

sources: CNVD: CNVD-2019-00343 // BID: 105873 // JVNDB: JVNDB-2018-011646 // CNNVD: CNNVD-201811-180 // NVD: CVE-2018-15439

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-15439
value:	CRITICAL
Trust: 1.0
ykramarz@cisco.com:	CVE-2018-15439
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-15439
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2019-00343
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201811-180
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-125698
value:	HIGH
Trust: 0.1
VULMON:	CVE-2018-15439
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-15439
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2019-00343
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-125698
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-15439
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2018-15439
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	CVE-2018-15439
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2019-00343 // VULHUB: VHN-125698 // VULMON: CVE-2018-15439 // JVNDB: JVNDB-2018-011646 // CNNVD: CNNVD-201811-180 // NVD: CVE-2018-15439 // NVD: CVE-2018-15439

PROBLEMTYPE DATA

problemtype:

CWE-798

Trust: 1.9

sources: VULHUB: VHN-125698 // JVNDB: JVNDB-2018-011646 // NVD: CVE-2018-15439

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201811-180

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201811-180

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-011646

PATCH

title:	cisco-sa-20181107-sbsw-privacc	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-sbsw-privacc	Trust: 0.8
title:	CiscoSmallBusinessSwitches authentication bypass vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/149219	Trust: 0.6
title:	Cisco Small Business Switches Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86652	Trust: 0.6
title:	Cisco: Cisco Small Business Switches Privileged Access Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20181107-sbsw-privacc	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/critical-unpatched-cisco-flaw/141010/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/cisco-accidentally-released-dirty-cow-exploit-code-in-software/138888/	Trust: 0.1

sources: CNVD: CNVD-2019-00343 // VULMON: CVE-2018-15439 // JVNDB: JVNDB-2018-011646 // CNNVD: CNNVD-201811-180

EXTERNAL IDS

db:	NVD	id:	CVE-2018-15439	Trust: 3.5
db:	BID	id:	105873	Trust: 2.7
db:	JVNDB	id:	JVNDB-2018-011646	Trust: 0.8
db:	CNNVD	id:	CNNVD-201811-180	Trust: 0.7
db:	CNVD	id:	CNVD-2019-00343	Trust: 0.6
db:	VULHUB	id:	VHN-125698	Trust: 0.1
db:	VULMON	id:	CVE-2018-15439	Trust: 0.1

sources: CNVD: CNVD-2019-00343 // VULHUB: VHN-125698 // VULMON: CVE-2018-15439 // BID: 105873 // JVNDB: JVNDB-2018-011646 // CNNVD: CNNVD-201811-180 // NVD: CVE-2018-15439

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181107-sbsw-privacc	Trust: 3.4
url:	http://www.securityfocus.com/bid/105873	Trust: 1.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15439	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-15439	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/798.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://threatpost.com/critical-unpatched-cisco-flaw/141010/	Trust: 0.1

sources: CNVD: CNVD-2019-00343 // VULHUB: VHN-125698 // VULMON: CVE-2018-15439 // BID: 105873 // JVNDB: JVNDB-2018-011646 // CNNVD: CNNVD-201811-180 // NVD: CVE-2018-15439

CREDITS

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Trust: 0.6

sources: CNNVD: CNNVD-201811-180

SOURCES

db:	CNVD	id:	CNVD-2019-00343
db:	VULHUB	id:	VHN-125698
db:	VULMON	id:	CVE-2018-15439
db:	BID	id:	105873
db:	JVNDB	id:	JVNDB-2018-011646
db:	CNNVD	id:	CNNVD-201811-180
db:	NVD	id:	CVE-2018-15439

LAST UPDATE DATE

2024-11-23T22:48:32.513000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-00343	date:	2019-01-04T00:00:00
db:	VULHUB	id:	VHN-125698	date:	2020-08-28T00:00:00
db:	VULMON	id:	CVE-2018-15439	date:	2020-08-28T00:00:00
db:	BID	id:	105873	date:	2018-11-07T00:00:00
db:	JVNDB	id:	JVNDB-2018-011646	date:	2019-01-18T00:00:00
db:	CNNVD	id:	CNNVD-201811-180	date:	2020-10-22T00:00:00
db:	NVD	id:	CVE-2018-15439	date:	2024-11-21T03:50:48.200

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-00343	date:	2019-01-04T00:00:00
db:	VULHUB	id:	VHN-125698	date:	2018-11-08T00:00:00
db:	VULMON	id:	CVE-2018-15439	date:	2018-11-08T00:00:00
db:	BID	id:	105873	date:	2018-11-07T00:00:00
db:	JVNDB	id:	JVNDB-2018-011646	date:	2019-01-18T00:00:00
db:	CNNVD	id:	CNNVD-201811-180	date:	2018-11-08T00:00:00
db:	NVD	id:	CVE-2018-15439	date:	2018-11-08T17:29:00.607