Details of VAR-201905-0513

ID

VAR-201905-0513

CVE

CVE-2019-1816

TITLE

Cisco Web Security Appliance Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-003883

DESCRIPTION

A vulnerability in the log subscription subsystem of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The vulnerability is due to insufficient validation of user-supplied input on the web and command-line interface. An attacker could exploit this vulnerability by authenticating to the affected device and injecting scripting commands in the scope of the log subscription subsystem. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. Cisco Web Security Appliance (WSA) Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco Web Security Appliance is prone to local command-injection vulnerability. This issue is being tracked by Cisco Bug ID CSCvk68106. The appliance provides SaaS-based access control, real-time network reporting and tracking, and security policy formulation. The log subscription subsystem is one of the log subscription subsystems. An input validation error vulnerability exists in the log subscription subsystem in Cisco WSA. The vulnerability stems from the failure of the network system or product to properly validate the input data

Trust: 1.98

sources: NVD: CVE-2019-1816 // JVNDB: JVNDB-2019-003883 // BID: 108131 // VULHUB: VHN-150478

AFFECTED PRODUCTS

vendor:	cisco	model:	web security appliance	scope:	eq	version:	11.0.0-641	Trust: 1.3
vendor:	cisco	model:	web security appliance	scope:	eq	version:	10.5.2-072	Trust: 1.3
vendor:	cisco	model:	web security appliance	scope:	eq	version:	11.5.0-fcs-614	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	wsa10.5.0-fcs-000	Trust: 1.0
vendor:	cisco	model:	web security the appliance software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	web security appliance 11.5.0-fcs-614	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	11.7	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	11.5	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	10.5	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	10.1	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	ne	version:	11.7.0-406	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	ne	version:	11.5.2-020	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	ne	version:	10.5.4-018	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	ne	version:	10.1.4-017	Trust: 0.3

sources: BID: 108131 // JVNDB: JVNDB-2019-003883 // NVD: CVE-2019-1816

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1816
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1816
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-1816
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201905-021
value:	HIGH
Trust: 0.6
VULHUB:	VHN-150478
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-1816
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-150478
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-1816
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1816
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	1.8
impactScore:	3.4
version:	3.0
Trust: 1.0
NVD:	CVE-2019-1816
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-150478 // JVNDB: JVNDB-2019-003883 // CNNVD: CNNVD-201905-021 // NVD: CVE-2019-1816 // NVD: CVE-2019-1816

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-150478 // JVNDB: JVNDB-2019-003883 // NVD: CVE-2019-1816

THREAT TYPE

local

Trust: 0.9

sources: BID: 108131 // CNNVD: CNNVD-201905-021

TYPE

Input Validation Error

Trust: 0.9

sources: BID: 108131 // CNNVD: CNNVD-201905-021

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-003883

PATCH

title:	cisco-sa-20190501-wsa-privesc	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-wsa-privesc	Trust: 0.8
title:	Cisco Web Security Appliance Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92172	Trust: 0.6

sources: JVNDB: JVNDB-2019-003883 // CNNVD: CNNVD-201905-021

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1816	Trust: 2.8
db:	BID	id:	108131	Trust: 1.0
db:	JVNDB	id:	JVNDB-2019-003883	Trust: 0.8
db:	CNNVD	id:	CNNVD-201905-021	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.1520	Trust: 0.6
db:	VULHUB	id:	VHN-150478	Trust: 0.1

sources: VULHUB: VHN-150478 // BID: 108131 // JVNDB: JVNDB-2019-003883 // CNNVD: CNNVD-201905-021 // NVD: CVE-2019-1816

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-wsa-privesc	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1816	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1816	Trust: 0.8
url:	https://vigilance.fr/vulnerability/cisco-web-security-appliance-code-execution-via-log-subscription-subsystem-29190	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/80118	Trust: 0.6
url:	https://www.securityfocus.com/bid/108131	Trust: 0.6

sources: VULHUB: VHN-150478 // BID: 108131 // JVNDB: JVNDB-2019-003883 // CNNVD: CNNVD-201905-021 // NVD: CVE-2019-1816

CREDITS

Cisco.

Trust: 0.9

sources: BID: 108131 // CNNVD: CNNVD-201905-021

SOURCES

db:	VULHUB	id:	VHN-150478
db:	BID	id:	108131
db:	JVNDB	id:	JVNDB-2019-003883
db:	CNNVD	id:	CNNVD-201905-021
db:	NVD	id:	CVE-2019-1816

LAST UPDATE DATE

2024-11-23T22:21:41.323000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-150478	date:	2019-10-09T00:00:00
db:	BID	id:	108131	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-003883	date:	2019-05-23T00:00:00
db:	CNNVD	id:	CNNVD-201905-021	date:	2019-05-14T00:00:00
db:	NVD	id:	CVE-2019-1816	date:	2024-11-21T04:37:26.523

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-150478	date:	2019-05-03T00:00:00
db:	BID	id:	108131	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-003883	date:	2019-05-23T00:00:00
db:	CNNVD	id:	CNNVD-201905-021	date:	2019-05-01T00:00:00
db:	NVD	id:	CVE-2019-1816	date:	2019-05-03T17:29:00.937