Details of VAR-201906-0563

ID

VAR-201906-0563

CVE

CVE-2019-1625

TITLE

Cisco SD-WAN Solution Vulnerabilities related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2019-005705

DESCRIPTION

A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the root user on an affected device. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by authenticating to the targeted device and executing commands that could lead to elevated privileges. A successful exploit could allow the attacker to make configuration changes to the system as the root user. Cisco SD-WAN Solution Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco SD-WAN Solution is prone to local privilege-escalation vulnerability. This issue is being tracked by Cisco Bug ID CSCvi69756. Versions prior to Cisco SD-WAN Solution 18.3.6, 18.4.1, and 19.1.0 are vulnerable. CLI is one of those command line interfaces. The following products and versions are affected: Cisco vBond Orchestrator Software; vEdge 100 Series Routers; vEdge 1000 Series Routers; vEdge 2000 Series Routers; vEdge 5000 Series Routers; vEdge Cloud Router Platform; vManage Network Management Software; vSmart Controller Software

Trust: 1.98

sources: NVD: CVE-2019-1625 // JVNDB: JVNDB-2019-005705 // BID: 108844 // VULHUB: VHN-148377

AFFECTED PRODUCTS

vendor:	cisco	model:	sd-wan	scope:	eq	version:	18.4.0	Trust: 1.0
vendor:	cisco	model:	sd-wan	scope:	lt	version:	18.3.6	Trust: 1.0
vendor:	cisco	model:	sd-wan	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	vsmart controller software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	vmanage network management software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	vedge cloud router platform	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	vedge series routers	scope:	eq	version:	50000	Trust: 0.3
vendor:	cisco	model:	vedge series routers	scope:	eq	version:	20000	Trust: 0.3
vendor:	cisco	model:	vedge series routers	scope:	eq	version:	10000	Trust: 0.3
vendor:	cisco	model:	vedge series routers	scope:	eq	version:	1000	Trust: 0.3
vendor:	cisco	model:	vbond orchestrator software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	sd-wan	scope:	eq	version:	18.4	Trust: 0.3
vendor:	cisco	model:	sd-wan	scope:	eq	version:	18.3.5	Trust: 0.3
vendor:	cisco	model:	sd-wan	scope:	eq	version:	18.3.4	Trust: 0.3
vendor:	cisco	model:	sd-wan	scope:	eq	version:	18.3.3	Trust: 0.3
vendor:	cisco	model:	sd-wan	scope:	eq	version:	18.3.1	Trust: 0.3
vendor:	cisco	model:	sd-wan	scope:	eq	version:	18.3	Trust: 0.3
vendor:	cisco	model:	sd-wan	scope:	eq	version:	18.3.3.1	Trust: 0.3
vendor:	cisco	model:	sd-wan	scope:	ne	version:	19.1	Trust: 0.3
vendor:	cisco	model:	sd-wan	scope:	ne	version:	18.4.1	Trust: 0.3
vendor:	cisco	model:	sd-wan	scope:	ne	version:	18.3.6	Trust: 0.3

sources: BID: 108844 // JVNDB: JVNDB-2019-005705 // NVD: CVE-2019-1625

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1625
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1625
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-1625
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201906-795
value:	HIGH
Trust: 0.6
VULHUB:	VHN-148377
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-1625
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-148377
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

ykramarz@cisco.com:	CVE-2019-1625
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2019-1625
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-148377 // JVNDB: JVNDB-2019-005705 // CNNVD: CNNVD-201906-795 // NVD: CVE-2019-1625 // NVD: CVE-2019-1625

PROBLEMTYPE DATA

problemtype:	CWE-264	Trust: 1.9
problemtype:	NVD-CWE-Other	Trust: 1.0

sources: VULHUB: VHN-148377 // JVNDB: JVNDB-2019-005705 // NVD: CVE-2019-1625

THREAT TYPE

local

Trust: 0.9

sources: BID: 108844 // CNNVD: CNNVD-201906-795

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201906-795

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-005705

PATCH

title:	cisco-sa-20190619-sdwan-privesca	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-sdwan-privesca	Trust: 0.8
title:	Cisco SD-WAN Solution Fixes for permissions and access control issues vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93945	Trust: 0.6

sources: JVNDB: JVNDB-2019-005705 // CNNVD: CNNVD-201906-795

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1625	Trust: 2.8
db:	BID	id:	108844	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-005705	Trust: 0.8
db:	CNNVD	id:	CNNVD-201906-795	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.2191	Trust: 0.6
db:	VULHUB	id:	VHN-148377	Trust: 0.1

sources: VULHUB: VHN-148377 // BID: 108844 // JVNDB: JVNDB-2019-005705 // CNNVD: CNNVD-201906-795 // NVD: CVE-2019-1625

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190619-sdwan-privesca	Trust: 2.0
url:	http://www.securityfocus.com/bid/108844	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1625	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1625	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190619-sdwan-privilescal	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190619-sdwan-cmdinj	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.2191/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-sd-wan-solution-privilege-escalation-via-cli-29573	Trust: 0.6

sources: VULHUB: VHN-148377 // BID: 108844 // JVNDB: JVNDB-2019-005705 // CNNVD: CNNVD-201906-795 // NVD: CVE-2019-1625

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 108844

SOURCES

db:	VULHUB	id:	VHN-148377
db:	BID	id:	108844
db:	JVNDB	id:	JVNDB-2019-005705
db:	CNNVD	id:	CNNVD-201906-795
db:	NVD	id:	CVE-2019-1625

LAST UPDATE DATE

2024-08-14T13:44:57.460000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-148377	date:	2020-10-06T00:00:00
db:	BID	id:	108844	date:	2019-06-19T00:00:00
db:	JVNDB	id:	JVNDB-2019-005705	date:	2019-06-26T00:00:00
db:	CNNVD	id:	CNNVD-201906-795	date:	2020-10-09T00:00:00
db:	NVD	id:	CVE-2019-1625	date:	2021-08-12T21:34:38.783

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-148377	date:	2019-06-20T00:00:00
db:	BID	id:	108844	date:	2019-06-19T00:00:00
db:	JVNDB	id:	JVNDB-2019-005705	date:	2019-06-26T00:00:00
db:	CNNVD	id:	CNNVD-201906-795	date:	2019-06-20T00:00:00
db:	NVD	id:	CVE-2019-1625	date:	2019-06-20T03:15:11.370