Details of VAR-201906-0289

ID

VAR-201906-0289

CVE

CVE-2019-1880

TITLE

Cisco Unified Computing System C-Series Rack Server Vulnerabilities related to insufficient validation of data reliability

Trust: 0.8

sources: JVNDB: JVNDB-2019-005281

DESCRIPTION

A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack Servers could allow an authenticated, local attacker to install compromised BIOS firmware on an affected device. The vulnerability is due to insufficient validation of the firmware image file. An attacker could exploit this vulnerability by executing the BIOS upgrade utility with a specific set of options. A successful exploit could allow the attacker to bypass the firmware signature-verification process and install compromised BIOS firmware on an affected device. Cisco Unified Computing System (UCS) C-Series Rack Server Contains vulnerabilities related to insufficient validation of data reliability.Information may be tampered with. Cisco Unified Computing System Central Software is prone to a security-bypass Vulnerability. Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This issue being tracked by Cisco Bug IDs CSCvp12824, CSCvp12840

Trust: 1.89

sources: NVD: CVE-2019-1880 // JVNDB: JVNDB-2019-005281 // BID: 108680

AFFECTED PRODUCTS

vendor:	cisco	model:	unified computing system server	scope:	lt	version:	4.0\(4c\)	Trust: 1.0
vendor:	cisco	model:	unified computing system server	scope:	lt	version:	4.0\(2g\)	Trust: 1.0
vendor:	cisco	model:	unified computing system server	scope:	gte	version:	4.0	Trust: 1.0
vendor:	cisco	model:	unified computing system server	scope:	lt	version:	3.0\(4l\)	Trust: 1.0
vendor:	cisco	model:	industrial network director	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	unified computing system 4.0 s7	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified computing system 3.0 h	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ucs c-series rack servers 4.0 hs3	scope:	-	version:	-	Trust: 0.3

sources: BID: 108680 // JVNDB: JVNDB-2019-005281 // NVD: CVE-2019-1880

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1880
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1880
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-1880
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201906-153
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2019-1880
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8

nvd@nist.gov:	CVE-2019-1880
baseSeverity:	MEDIUM
baseScore:	4.4
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	0.8
impactScore:	3.6
version:	3.0
Trust: 2.8

sources: JVNDB: JVNDB-2019-005281 // CNNVD: CNNVD-201906-153 // NVD: CVE-2019-1880 // NVD: CVE-2019-1880

PROBLEMTYPE DATA

problemtype:

CWE-345

Trust: 1.8

sources: JVNDB: JVNDB-2019-005281 // NVD: CVE-2019-1880

THREAT TYPE

local

Trust: 0.9

sources: BID: 108680 // CNNVD: CNNVD-201906-153

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-201906-153

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-005281

PATCH

title:	cisco-sa-20190605-ucs-biossig-bypass	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-ucs-biossig-bypass	Trust: 0.8
title:	Cisco Unified Computing System C-Series Rack Servers Repair measures for data forgery problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93245	Trust: 0.6

sources: JVNDB: JVNDB-2019-005281 // CNNVD: CNNVD-201906-153

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1880	Trust: 2.7
db:	BID	id:	108680	Trust: 1.9
db:	JVNDB	id:	JVNDB-2019-005281	Trust: 0.8
db:	AUSCERT	id:	ESB-2020.0766	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.2028	Trust: 0.6
db:	CNNVD	id:	CNNVD-201906-153	Trust: 0.6

sources: BID: 108680 // JVNDB: JVNDB-2019-005281 // CNNVD: CNNVD-201906-153 // NVD: CVE-2019-1880

REFERENCES

url:	http://www.securityfocus.com/bid/108680	Trust: 2.2
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190605-ucs-biossig-bypass	Trust: 1.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1880	Trust: 1.4
url:	http://www.cisco.com/c/en/us/support/servers-unified-computing/ucs-central-software/tsd-products-support-series-home.html	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1880	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2020.0766/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.2028/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-unified-computing-system-privilege-escalation-via-bios-upgrade-29477	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3

sources: BID: 108680 // JVNDB: JVNDB-2019-005281 // CNNVD: CNNVD-201906-153 // NVD: CVE-2019-1880

CREDITS

Cisco

Trust: 0.9

sources: BID: 108680 // CNNVD: CNNVD-201906-153

SOURCES

db:	BID	id:	108680
db:	JVNDB	id:	JVNDB-2019-005281
db:	CNNVD	id:	CNNVD-201906-153
db:	NVD	id:	CVE-2019-1880

LAST UPDATE DATE

2024-08-14T12:35:06.329000+00:00

SOURCES UPDATE DATE

db:	BID	id:	108680	date:	2019-06-05T00:00:00
db:	JVNDB	id:	JVNDB-2019-005281	date:	2019-06-18T00:00:00
db:	CNNVD	id:	CNNVD-201906-153	date:	2020-03-04T00:00:00
db:	NVD	id:	CVE-2019-1880	date:	2019-10-09T23:48:25.190

SOURCES RELEASE DATE

db:	BID	id:	108680	date:	2019-06-05T00:00:00
db:	JVNDB	id:	JVNDB-2019-005281	date:	2019-06-18T00:00:00
db:	CNNVD	id:	CNNVD-201906-153	date:	2019-06-05T00:00:00
db:	NVD	id:	CVE-2019-1880	date:	2019-06-05T17:29:00.647