Sign-up

ID

VAR-201901-0368


CVE

CVE-2019-1648


TITLE

Cisco SD-WAN Solution Vulnerabilities related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2019-001424

DESCRIPTION

A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An attacker could exploit this vulnerability by writing a crafted file to the directory where the user group configuration is located in the underlying operating system. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device. Cisco SD-WAN Solution Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco SD-WAN Solution is prone to local privilege-escalation vulnerability. This issue is being tracked by Cisco Bug ID CSCvi69985. Versions prior to Cisco SD-WAN Solution 18.4.0 are vulnerable. Cisco vBond Orchestrator Software and others are products of Cisco (Cisco). Cisco vBond Orchestrator Software is a suite of secure network extension management software. vEdge 100 Series Routers is a 100 series router product. SD-WAN Solution is a set of network expansion solutions running in it. The following products are affected: Cisco vBond Orchestrator Software; vEdge 100 Series Routers; vEdge 1000 Series Routers; vEdge 2000 Series Routers; vEdge 5000 Series Routers; vEdge Cloud Router Platform; vManage Network Management Software; vSmart Controller Software

Trust: 1.98

sources: NVD: CVE-2019-1648 // JVNDB: JVNDB-2019-001424 // BID: 106719 // VULHUB: VHN-148630

AFFECTED PRODUCTS

vendor:ciscomodel:vmanage network managementscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sd-wanscope:ltversion:18.4.0

Trust: 1.0

vendor:ciscomodel:vedge 5000scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:vsmart controllerscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:vedge 100scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:vedge 1000scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:vbond orchestratorscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:vedge 2000scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:sd-wanscope: - version: -

Trust: 0.8

vendor:ciscomodel:vbond orchestratorscope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge 100scope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge 1000scope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge 2000scope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge 5000scope: - version: -

Trust: 0.8

vendor:ciscomodel:vmanage network managementscope: - version: -

Trust: 0.8

vendor:ciscomodel:vsmart controllerscope: - version: -

Trust: 0.8

vendor:ciscomodel:vsmart controller softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:vmanage network management softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:vedge cloud router platformscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:vedge series routersscope:eqversion:50000

Trust: 0.3

vendor:ciscomodel:vedge series routersscope:eqversion:20000

Trust: 0.3

vendor:ciscomodel:vedge series routersscope:eqversion:10000

Trust: 0.3

vendor:ciscomodel:vedge series routersscope:eqversion:1000

Trust: 0.3

vendor:ciscomodel:vbond orchestrator softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:sd-wanscope:eqversion:18.3.1

Trust: 0.3

vendor:ciscomodel:sd-wanscope:eqversion:18.3

Trust: 0.3

vendor:ciscomodel:sd-wanscope:eqversion:17.2.8

Trust: 0.3

vendor:ciscomodel:sd-wanscope:neversion:18.4

Trust: 0.3

sources: BID: 106719 // JVNDB: JVNDB-2019-001424 // NVD: CVE-2019-1648

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1648
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1648
value: HIGH

Trust: 1.0

NVD: CVE-2019-1648
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201901-868
value: HIGH

Trust: 0.6

VULHUB: VHN-148630
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-1648
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-148630
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ykramarz@cisco.com: CVE-2019-1648
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2019-1648
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-148630 // JVNDB: JVNDB-2019-001424 // CNNVD: CNNVD-201901-868 // NVD: CVE-2019-1648 // NVD: CVE-2019-1648

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

problemtype:CWE-20

Trust: 1.1

sources: VULHUB: VHN-148630 // JVNDB: JVNDB-2019-001424 // NVD: CVE-2019-1648

THREAT TYPE

local

Trust: 0.9

sources: BID: 106719 // CNNVD: CNNVD-201901-868

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201901-868

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-001424

PATCH
title:cisco-sa-20190123-sdwan-sol-escalurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal
Trust: 0.8
title:Cisco SD-WAN Solution Fixes for permission permissions and access control vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88954
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-001424 // 
            
            
            
            CNNVD: CNNVD-201901-868

EXTERNAL IDS
db:NVDid:CVE-2019-1648
Trust: 2.8
db:BIDid:106719
Trust: 2.0
db:JVNDBid:JVNDB-2019-001424
Trust: 0.8
db:CNNVDid:CNNVD-201901-868
Trust: 0.7
db:VULHUBid:VHN-148630
Trust: 0.1
sources:
            
            
            VULHUB: VHN-148630 // 
            
            
            
            BID: 106719 // 
            
            
            
            JVNDB: JVNDB-2019-001424 // 
            
            
            
            CNNVD: CNNVD-201901-868 // 
            
            
            
            NVD: CVE-2019-1648

REFERENCES
url:http://www.securityfocus.com/bid/106719
Trust: 2.3
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190123-sdwan-sol-escal
Trust: 2.0
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1648
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2019-1648
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-148630 // 
            
            
            
            BID: 106719 // 
            
            
            
            JVNDB: JVNDB-2019-001424 // 
            
            
            
            CNNVD: CNNVD-201901-868 // 
            
            
            
            NVD: CVE-2019-1648

CREDITS
This vulnerability was found during internal security testing.,The vendor reported this issue.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201901-868

SOURCES
db:VULHUBid:VHN-148630
db:BIDid:106719
db:JVNDBid:JVNDB-2019-001424
db:CNNVDid:CNNVD-201901-868
db:NVDid:CVE-2019-1648

LAST UPDATE DATE
2024-08-14T15:43:52.423000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-148630date:2020-10-05T00:00:00
db:BIDid:106719date:2019-01-23T00:00:00
db:JVNDBid:JVNDB-2019-001424date:2019-03-05T00:00:00
db:CNNVDid:CNNVD-201901-868date:2020-10-09T00:00:00
db:NVDid:CVE-2019-1648date:2020-10-05T19:17:40.730

SOURCES RELEASE DATE
db:VULHUBid:VHN-148630date:2019-01-24T00:00:00
db:BIDid:106719date:2019-01-23T00:00:00
db:JVNDBid:JVNDB-2019-001424date:2019-03-05T00:00:00
db:CNNVDid:CNNVD-201901-868date:2019-01-24T00:00:00
db:NVDid:CVE-2019-1648date:2019-01-24T15:29:00.767