ID

VAR-201901-0366


CVE

CVE-2019-1646


TITLE

Cisco SD-WAN Solution Vulnerabilities related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2019-001429

DESCRIPTION

A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by sending crafted commands to the CLI of an affected device. A successful exploit could allow the attacker to establish an interactive session with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device. Cisco SD-WAN Solution Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco SD-WAN is prone to multiple privilege-escalation vulnerabilities. Cisco vBond Orchestrator Software and others are products of Cisco (Cisco). Cisco vBond Orchestrator Software is a suite of secure network extension management software. vEdge 100 Series Routers is a 100 series router product. SD-WAN Solution is a set of network expansion solutions running in it. The following products are affected: Cisco vBond Orchestrator Software; vEdge 100 Series Routers; vEdge 1000 Series Routers; vEdge 2000 Series Routers; vEdge 5000 Series Routers; vEdge Cloud Router Platform; vManage Network Management Software; vSmart Controller Software

Trust: 1.98

sources: NVD: CVE-2019-1646 // JVNDB: JVNDB-2019-001429 // BID: 106723 // VULHUB: VHN-148608

AFFECTED PRODUCTS

vendor:ciscomodel:vmanage network managementscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sd-wanscope:ltversion:18.4.0

Trust: 1.0

vendor:ciscomodel:vedge 5000scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:vsmart controllerscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:vedge 100scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:vedge 1000scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:vbond orchestratorscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:vedge 2000scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:sd-wanscope: - version: -

Trust: 0.8

vendor:ciscomodel:vbond orchestratorscope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge 100scope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge 1000scope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge 2000scope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge 5000scope: - version: -

Trust: 0.8

vendor:ciscomodel:vmanage network managementscope: - version: -

Trust: 0.8

vendor:ciscomodel:vsmart controllerscope: - version: -

Trust: 0.8

vendor:ciscomodel:vsmart controllerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:vmanage network managementscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:vedge cloud routerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:vedgescope:eqversion:50000

Trust: 0.3

vendor:ciscomodel:vedgescope:eqversion:20000

Trust: 0.3

vendor:ciscomodel:vedgescope:eqversion:10000

Trust: 0.3

vendor:ciscomodel:vedgescope:eqversion:1000

Trust: 0.3

vendor:ciscomodel:vbond orchestratorscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:sd-wanscope:eqversion:18.3.1

Trust: 0.3

vendor:ciscomodel:sd-wanscope:eqversion:18.3

Trust: 0.3

vendor:ciscomodel:sd-wanscope:eqversion:17.2.8

Trust: 0.3

vendor:ciscomodel:sd-wanscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:sd-wanscope:neversion:18.4

Trust: 0.3

sources: BID: 106723 // JVNDB: JVNDB-2019-001429 // NVD: CVE-2019-1646

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1646
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1646
value: HIGH

Trust: 1.0

NVD: CVE-2019-1646
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201901-870
value: HIGH

Trust: 0.6

VULHUB: VHN-148608
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-1646
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-148608
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ykramarz@cisco.com: CVE-2019-1646
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2019-1646
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-148608 // JVNDB: JVNDB-2019-001429 // CNNVD: CNNVD-201901-870 // NVD: CVE-2019-1646 // NVD: CVE-2019-1646

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

problemtype:CWE-77

Trust: 1.1

sources: VULHUB: VHN-148608 // JVNDB: JVNDB-2019-001429 // NVD: CVE-2019-1646

THREAT TYPE

local

Trust: 0.9

sources: BID: 106723 // CNNVD: CNNVD-201901-870

TYPE

command injection

Trust: 0.6

sources: CNNVD: CNNVD-201901-870

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-001429

PATCH

title:cisco-sa-20190123-sdwan-escalurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal

Trust: 0.8

title:Cisco SD-WAN Solution Fixes for permission permissions and access control vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88956

Trust: 0.6

sources: JVNDB: JVNDB-2019-001429 // CNNVD: CNNVD-201901-870

EXTERNAL IDS

db:NVDid:CVE-2019-1646

Trust: 2.8

db:BIDid:106723

Trust: 2.0

db:JVNDBid:JVNDB-2019-001429

Trust: 0.8

db:CNNVDid:CNNVD-201901-870

Trust: 0.7

db:NSFOCUSid:43900

Trust: 0.6

db:VULHUBid:VHN-148608

Trust: 0.1

sources: VULHUB: VHN-148608 // BID: 106723 // JVNDB: JVNDB-2019-001429 // CNNVD: CNNVD-201901-870 // NVD: CVE-2019-1646

REFERENCES

url:http://www.securityfocus.com/bid/106723

Trust: 2.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190123-sdwan-escal

Trust: 2.0

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1646

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-1646

Trust: 0.8

url:http://www.nsfocus.net/vulndb/43900

Trust: 0.6

url:http://www.cisco.com/

Trust: 0.3

sources: VULHUB: VHN-148608 // BID: 106723 // JVNDB: JVNDB-2019-001429 // CNNVD: CNNVD-201901-870 // NVD: CVE-2019-1646

CREDITS

These vulnerabilities were found during internal security testing.,Cisco

Trust: 0.6

sources: CNNVD: CNNVD-201901-870

SOURCES

db:VULHUBid:VHN-148608
db:BIDid:106723
db:JVNDBid:JVNDB-2019-001429
db:CNNVDid:CNNVD-201901-870
db:NVDid:CVE-2019-1646

LAST UPDATE DATE

2024-08-14T13:27:07.519000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-148608date:2020-10-05T00:00:00
db:BIDid:106723date:2019-01-23T00:00:00
db:JVNDBid:JVNDB-2019-001429date:2019-03-05T00:00:00
db:CNNVDid:CNNVD-201901-870date:2020-10-09T00:00:00
db:NVDid:CVE-2019-1646date:2020-10-05T19:10:56.130

SOURCES RELEASE DATE

db:VULHUBid:VHN-148608date:2019-01-24T00:00:00
db:BIDid:106723date:2019-01-23T00:00:00
db:JVNDBid:JVNDB-2019-001429date:2019-03-05T00:00:00
db:CNNVDid:CNNVD-201901-870date:2019-01-24T00:00:00
db:NVDid:CVE-2019-1646date:2019-01-24T15:29:00.643