Details of VAR-201903-0576

ID

VAR-201903-0576

CVE

CVE-2019-1764

TITLE

plural Cisco IP Phone 8800 Cross-site request forgery vulnerability in series products

Trust: 0.8

sources: JVNDB: JVNDB-2019-003059

DESCRIPTION

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected. Other attacks are also possible. This issue is being tracked by Cisco Bug IDs CSCvn56221 and CSCvo57629

Trust: 1.89

sources: NVD: CVE-2019-1764 // JVNDB: JVNDB-2019-003059 // BID: 107502

AFFECTED PRODUCTS

vendor:	cisco	model:	ip phone 8821	scope:	lt	version:	11.0\(5\)	Trust: 1.0
vendor:	cisco	model:	ip conference phone 8832	scope:	lt	version:	12.5\(1\)sr1	Trust: 1.0
vendor:	cisco	model:	ip phone 8821-ex	scope:	lt	version:	11.0\(5\)	Trust: 1.0
vendor:	cisco	model:	ip phone 8800	scope:	lt	version:	12.5\(1\)sr1	Trust: 1.0
vendor:	cisco	model:	ip conference phone 8832	scope:	lt	version:	12.5(1)sr1	Trust: 0.8
vendor:	cisco	model:	ip phone 8800 series	scope:	lt	version:	12.5(1)sr1	Trust: 0.8
vendor:	cisco	model:	ip phone 8821	scope:	lt	version:	11.0(5)	Trust: 0.8
vendor:	cisco	model:	ip phone 8821-ex	scope:	lt	version:	11.0(5)	Trust: 0.8
vendor:	cisco	model:	wireless ip phone 8821-ex 11.0 sr3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	wireless ip phone 8821-ex 11.0 sr2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	wireless ip phone 8821-ex 11.0 sr1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ip phone series	scope:	eq	version:	880012.5(1)	Trust: 0.3
vendor:	cisco	model:	ip phone series	scope:	eq	version:	880012.1(1)	Trust: 0.3
vendor:	cisco	model:	ip phone series 11.0 sr2	scope:	eq	version:	8800	Trust: 0.3
vendor:	cisco	model:	ip conference phone	scope:	eq	version:	883212.1	Trust: 0.3
vendor:	cisco	model:	wireless ip phone 8821-ex	scope:	ne	version:	11.0(5)	Trust: 0.3
vendor:	cisco	model:	ip phone series 12.6 mn155	scope:	ne	version:	8800	Trust: 0.3
vendor:	cisco	model:	ip phone series 12.5 sr2	scope:	ne	version:	8800	Trust: 0.3
vendor:	cisco	model:	ip phone series 12.5 sr1.3	scope:	ne	version:	8800	Trust: 0.3
vendor:	cisco	model:	ip phone series 12.5 es3	scope:	ne	version:	8800	Trust: 0.3
vendor:	cisco	model:	ip phone series	scope:	ne	version:	880011.0(5.12)	Trust: 0.3
vendor:	cisco	model:	ip phone series	scope:	ne	version:	880011.0(5)	Trust: 0.3
vendor:	cisco	model:	ip phone series 11.0 mn64	scope:	ne	version:	8800	Trust: 0.3
vendor:	cisco	model:	ip conference phone 12.5 sr1	scope:	ne	version:	8832	Trust: 0.3

sources: BID: 107502 // JVNDB: JVNDB-2019-003059 // NVD: CVE-2019-1764

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1764
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1764
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-1764
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201903-688
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2019-1764
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8

nvd@nist.gov:	CVE-2019-1764
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8
ykramarz@cisco.com:	CVE-2019-1764
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.2
version:	3.0
Trust: 1.0

sources: JVNDB: JVNDB-2019-003059 // CNNVD: CNNVD-201903-688 // NVD: CVE-2019-1764 // NVD: CVE-2019-1764

PROBLEMTYPE DATA

problemtype:

CWE-352

Trust: 1.8

sources: JVNDB: JVNDB-2019-003059 // NVD: CVE-2019-1764

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201903-688

TYPE

cross-site request forgery

Trust: 0.6

sources: CNNVD: CNNVD-201903-688

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-003059

PATCH

title:	cisco-sa-20190320-ip-phone-csrf	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-csrf	Trust: 0.8
title:	Cisco IP Phone 8800 Series Session Initiation Protocol Repair measures for software cross-site request forgery vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90241	Trust: 0.6

sources: JVNDB: JVNDB-2019-003059 // CNNVD: CNNVD-201903-688

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1764	Trust: 2.7
db:	BID	id:	107502	Trust: 0.9
db:	JVNDB	id:	JVNDB-2019-003059	Trust: 0.8
db:	AUSCERT	id:	ESB-2019.0915	Trust: 0.6
db:	NSFOCUS	id:	43019	Trust: 0.6
db:	CNNVD	id:	CNNVD-201903-688	Trust: 0.6

sources: BID: 107502 // JVNDB: JVNDB-2019-003059 // CNNVD: CNNVD-201903-688 // NVD: CVE-2019-1764

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190320-ip-phone-csrf	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1764	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1764	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190320-ip-phone-rce	Trust: 0.6
url:	http://www.securityfocus.com/bid/107502	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/77494	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/43019	Trust: 0.6
url:	http://www.cisco.com	Trust: 0.3

sources: BID: 107502 // JVNDB: JVNDB-2019-003059 // CNNVD: CNNVD-201903-688 // NVD: CVE-2019-1764

CREDITS

David Gullasch ?? ??,David Gullasch of modzero AG .,David Gullasch of modzero AG

Trust: 0.6

sources: CNNVD: CNNVD-201903-688

SOURCES

db:	BID	id:	107502
db:	JVNDB	id:	JVNDB-2019-003059
db:	CNNVD	id:	CNNVD-201903-688
db:	NVD	id:	CVE-2019-1764

LAST UPDATE DATE

2024-11-23T22:41:32.403000+00:00

SOURCES UPDATE DATE

db:	BID	id:	107502	date:	2019-03-20T00:00:00
db:	JVNDB	id:	JVNDB-2019-003059	date:	2019-05-08T00:00:00
db:	CNNVD	id:	CNNVD-201903-688	date:	2019-10-10T00:00:00
db:	NVD	id:	CVE-2019-1764	date:	2024-11-21T04:37:19.503

SOURCES RELEASE DATE

db:	BID	id:	107502	date:	2019-03-20T00:00:00
db:	JVNDB	id:	JVNDB-2019-003059	date:	2019-05-08T00:00:00
db:	CNNVD	id:	CNNVD-201903-688	date:	2019-03-20T00:00:00
db:	NVD	id:	CVE-2019-1764	date:	2019-03-22T20:29:00.447