Sign-up

ID

VAR-201904-0249


CVE

CVE-2019-1725


TITLE

Cisco UCS B series Blade Server Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-003534

DESCRIPTION

A vulnerability in the local management CLI implementation for specific commands on the Cisco UCS B-Series Blade Servers could allow an authenticated, local attacker to overwrite an arbitrary file on disk. It is also possible the attacker could inject CLI command parameters that should not be allowed for a specific subset of local management CLI commands. The vulnerability is due to lack of proper input validation of user input for local management CLI commands. An attacker could exploit this vulnerability by authenticating to the device and issuing a crafted form of a limited subset of local management CLI commands. An exploit could allow the attacker to overwrite an arbitrary files on disk or inject CLI command parameters that should have been disabled. This vulnerability is fixed in software version 4.0(2a) and later. Cisco UCS B series Blade Server Contains an input validation vulnerability.Information may be tampered with. Cisco UCS B-Series Blade Servers are prone to an arbitrary file-creation vulnerability. This may aid in further attacks. This issue is being tracked by Cisco bug IDs CSCvm86205 and CSCvn00552. The vulnerability stems from the fact that the network system or product does not correctly filter special characters, commands, etc. in the process of constructing executable commands of the operating system from external input data. Attackers can exploit this vulnerability to execute illegal operating system commands

Trust: 1.98

sources: NVD: CVE-2019-1725 // JVNDB: JVNDB-2019-003534 // BID: 108082 // VULHUB: VHN-149477

AFFECTED PRODUCTS

vendor:ciscomodel:unified computing systemscope:ltversion:4.0\(2a\)

Trust: 1.0

vendor:ciscomodel:unified computing system softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:unified computing system 4.0 ascope: - version: -

Trust: 0.3

vendor:ciscomodel:ucs b-series blade serversscope:eqversion:0

Trust: 0.3

sources: BID: 108082 // JVNDB: JVNDB-2019-003534 // NVD: CVE-2019-1725

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1725
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1725
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1725
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201904-845
value: MEDIUM

Trust: 0.6

VULHUB: VHN-149477
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2019-1725
severity: LOW
baseScore: 3.6
vectorString: AV:L/AC:L/AU:N/C:N/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-149477
severity: LOW
baseScore: 3.6
vectorString: AV:L/AC:L/AU:N/C:N/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ykramarz@cisco.com: CVE-2019-1725
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2019-1725
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-149477 // JVNDB: JVNDB-2019-003534 // CNNVD: CNNVD-201904-845 // NVD: CVE-2019-1725 // NVD: CVE-2019-1725

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.1

problemtype:CWE-20

Trust: 0.9

sources: VULHUB: VHN-149477 // JVNDB: JVNDB-2019-003534 // NVD: CVE-2019-1725

THREAT TYPE

local

Trust: 0.9

sources: BID: 108082 // CNNVD: CNNVD-201904-845

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201904-845

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-003534

PATCH
title:cisco-sa-20190417-ucs-cli-injurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-ucs-cli-inj
Trust: 0.8
title:Cisco UCS B-Series Blade Servers Fixes for operating system command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91679
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-003534 // 
            
            
            
            CNNVD: CNNVD-201904-845

EXTERNAL IDS
db:NVDid:CVE-2019-1725
Trust: 2.8
db:BIDid:108082
Trust: 2.0
db:JVNDBid:JVNDB-2019-003534
Trust: 0.8
db:CNNVDid:CNNVD-201904-845
Trust: 0.7
db:AUSCERTid:ESB-2019.1341
Trust: 0.6
db:VULHUBid:VHN-149477
Trust: 0.1
sources:
            
            
            VULHUB: VHN-149477 // 
            
            
            
            BID: 108082 // 
            
            
            
            JVNDB: JVNDB-2019-003534 // 
            
            
            
            CNNVD: CNNVD-201904-845 // 
            
            
            
            NVD: CVE-2019-1725

REFERENCES
url:http://www.securityfocus.com/bid/108082
Trust: 2.3
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190417-ucs-cli-inj
Trust: 2.0
url:https://nvd.nist.gov/vuln/detail/cve-2019-1725
Trust: 1.4
url:http://www.cisco.com/
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1725
Trust: 0.8
url:https://vigilance.fr/vulnerability/cisco-ucs-b-series-blade-servers-privilege-escalation-via-cli-29087
Trust: 0.6
url:https://www.auscert.org.au/bulletins/79338
Trust: 0.6
sources:
            
            
            VULHUB: VHN-149477 // 
            
            
            
            BID: 108082 // 
            
            
            
            JVNDB: JVNDB-2019-003534 // 
            
            
            
            CNNVD: CNNVD-201904-845 // 
            
            
            
            NVD: CVE-2019-1725

CREDITS
Cisco
Trust: 0.9
sources:
            
            
            BID: 108082 // 
            
            
            
            CNNVD: CNNVD-201904-845

SOURCES
db:VULHUBid:VHN-149477
db:BIDid:108082
db:JVNDBid:JVNDB-2019-003534
db:CNNVDid:CNNVD-201904-845
db:NVDid:CVE-2019-1725

LAST UPDATE DATE
2024-11-23T22:12:07.008000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-149477date:2020-10-08T00:00:00
db:BIDid:108082date:2019-04-17T00:00:00
db:JVNDBid:JVNDB-2019-003534date:2019-05-20T00:00:00
db:CNNVDid:CNNVD-201904-845date:2020-10-28T00:00:00
db:NVDid:CVE-2019-1725date:2024-11-21T04:37:11.130

SOURCES RELEASE DATE
db:VULHUBid:VHN-149477date:2019-04-18T00:00:00
db:BIDid:108082date:2019-04-17T00:00:00
db:JVNDBid:JVNDB-2019-003534date:2019-05-20T00:00:00
db:CNNVDid:CNNVD-201904-845date:2019-04-17T00:00:00
db:NVDid:CVE-2019-1725date:2019-04-18T01:29:02.173