ID

VAR-201906-0687


CVE

CVE-2019-1904


TITLE

Cisco IOS XE Software cross-site request forgery vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-005714

DESCRIPTION

A vulnerability in the web-based UI (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. If the user has administrative privileges, the attacker could alter the configuration, execute commands, or reload an affected device. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software with the HTTP Server feature enabled. The default state of the HTTP Server feature is version dependent. This issue is being tracked by Cisco bug ID CSCuy98103. The vulnerability stems from the web application not adequately verifying that a state-changing request was intentionally issued by the authenticated user rather than by a page the user merely visited.

Trust: 1.98

sources: NVD: CVE-2019-1904 // JVNDB: JVNDB-2019-005714 // BID: 108737 // VULHUB: VHN-151446
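Worked example of the CWE-352 pattern the description refers to, added here and not taken from the Cisco advisory or from IOS XE itself: a cookie-authenticated management action that honours any POST carrying the session cookie, next to the same action requiring a per-session synchronizer token and a same-origin Origin header. The endpoint, the session store, the management origin https://10.0.0.1 and both requests are constructed for illustration.

```python
import hmac
import secrets
from dataclasses import dataclass, field

# Assumed address the administrator uses to reach the web UI (hypothetical).
MANAGEMENT_ORIGIN = "https://10.0.0.1"


@dataclass
class Session:
    user: str
    privilege: int  # IOS-style privilege level; 15 is full administrative access
    csrf_token: str = field(default_factory=lambda: secrets.token_hex(16))


# Constructed session store: cookie value -> logged-in session.
SESSIONS = {"abc123": Session(user="admin", privilege=15)}


@dataclass
class Request:
    method: str
    headers: dict
    form: dict


def _session_from(req: Request):
    """Look up the session named by the 'sid' cookie, if any.

    The browser attaches this cookie to every request for the device's origin,
    including requests triggered by a page the attacker controls; that is what
    makes the cookie alone an insufficient proof of the user's intent.
    """
    for part in req.headers.get("Cookie", "").split(";"):
        name, _, value = part.strip().partition("=")
        if name == "sid" and value in SESSIONS:
            return SESSIONS[value]
    return None


def vulnerable_reload(req: Request):
    """Weak pattern: any POST with a valid admin session cookie is honoured."""
    sess = _session_from(req)
    if req.method != "POST" or sess is None or sess.privilege < 15:
        return 403, "forbidden"
    return 200, f"reload scheduled by {sess.user}"


def hardened_reload(req: Request):
    """Same action, plus the two checks a CSRF-resistant endpoint performs."""
    sess = _session_from(req)
    if req.method != "POST" or sess is None or sess.privilege < 15:
        return 403, "forbidden"
    # 1. The request must originate from the management UI's own origin.
    if req.headers.get("Origin") != MANAGEMENT_ORIGIN:
        return 403, "cross-origin request rejected"
    # 2. The body must carry the per-session token, compared in constant time.
    token = req.form.get("csrf_token", "")
    if not hmac.compare_digest(token.encode(), sess.csrf_token.encode()):
        return 403, "missing or invalid csrf token"
    return 200, f"reload scheduled by {sess.user}"


def forged_request() -> Request:
    """Constructed request as a page at evil.example would auto-submit it.

    The browser adds the cookie; a cross-site page can neither read the
    token nor set the Origin header to the device's origin.
    """
    return Request(
        method="POST",
        headers={"Cookie": "sid=abc123", "Origin": "https://evil.example"},
        form={"action": "reload"},
    )


def legitimate_request() -> Request:
    """Constructed request as the web UI's own page would submit it."""
    return Request(
        method="POST",
        headers={"Cookie": "sid=abc123", "Origin": MANAGEMENT_ORIGIN},
        form={"action": "reload", "csrf_token": SESSIONS["abc123"].csrf_token},
    )


def same_origin_without_token() -> Request:
    """Constructed request from the right origin but lacking the token."""
    return Request(
        method="POST",
        headers={"Cookie": "sid=abc123", "Origin": MANAGEMENT_ORIGIN},
        form={"action": "reload"},
    )


if __name__ == "__main__":
    print("vulnerable, forged :", vulnerable_reload(forged_request()))
    print("hardened,   forged :", hardened_reload(forged_request()))
    print("hardened,   genuine:", hardened_reload(legitimate_request()))
```

The forged request is indistinguishable from a genuine one to the vulnerable handler because the only credential it checks is one the browser supplies automatically. The hardened handler still accepts the genuine submission, because the UI's own page can embed the token and the browser sets a matching Origin.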

AFFECTED PRODUCTS

vendor: cisco | model: ios xe | scope: eq | version: 16.3.1

Trust: 1.0

vendor: cisco | model: ios xe | scope: eq | version: 16.1.3

Trust: 1.0

vendor: cisco | model: ios xe | scope: eq | version: 16.2.1

Trust: 1.0

vendor: cisco | model: ios xe | scope: - | version: -

Trust: 0.8

vendor: cisco | model: ios | scope: eq | version: 16.3.1

Trust: 0.3

vendor: cisco | model: ios | scope: eq | version: 16.2.1

Trust: 0.3

vendor: cisco | model: ios | scope: eq | version: 16.1.3

Trust: 0.3

vendor: cisco | model: ios | scope: ne | version: 16.4.1

Trust: 0.3

vendor: cisco | model: ios everest-16.4.1 | scope: ne | version: -

Trust: 0.3

sources: BID: 108737 // JVNDB: JVNDB-2019-005714 // NVD: CVE-2019-1904
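A triage check, added as an example and not Cisco tooling, that reads `show version` and `show running-config` output and reports whether the release is one of those listed above and whether the HTTP Server feature that carries the web UI is switched on. The sample outputs are constructed; the version sets are only what this page lists, so a release absent from both is flagged as needing a look at the advisory linked under PATCH; and a configuration that says nothing about `ip http server` is reported as unknown rather than guessed, since the description says the default is version dependent.

```python
import re

# Releases this page lists as affected (scope eq) and as not affected (scope ne).
LISTED_AFFECTED = {"16.1.3", "16.2.1", "16.3.1"}
LISTED_NOT_AFFECTED = {"16.4.1"}

# Constructed sample output, not captured from a real device.
SAMPLE_SHOW_VERSION = (
    "Cisco IOS XE Software, Version 16.03.01\n"
    "edge-rtr uptime is 3 weeks, 2 days\n"
)

SAMPLE_RUNNING_CONFIG = """\
!
hostname edge-rtr
!
no ip http server
ip http secure-server
ip http authentication local
!
"""


def parse_version(show_version: str):
    """Return the IOS XE release as a dotted string, e.g. '16.03.01' -> '16.3.1'."""
    m = re.search(r"IOS XE Software, Version (\d+)\.(\d+)\.(\d+)", show_version)
    if not m:
        return None
    return ".".join(str(int(x)) for x in m.groups())


def http_server_state(running_config: str) -> dict:
    """Read explicit ip http server / secure-server lines; None means not set.

    Lines are compared whole after stripping, so unrelated 'ip http ...'
    commands are ignored, and a later line overrides an earlier one.
    """
    state = {"ip http server": None, "ip http secure-server": None}
    for raw in running_config.splitlines():
        line = raw.strip()
        negated = line.startswith("no ")
        cmd = line[3:] if negated else line
        if cmd in state:
            state[cmd] = not negated
    return state


def assess(show_version: str, running_config: str) -> dict:
    """Combine release and HTTP Server state into an exposure verdict.

    exposed is True/False when the page's data decides it, None when the
    config is silent on the HTTP Server feature or the release is unlisted.
    """
    version = parse_version(show_version)
    listed = version in LISTED_AFFECTED
    known = version in LISTED_AFFECTED or version in LISTED_NOT_AFFECTED
    state = http_server_state(running_config)
    http, https = state["ip http server"], state["ip http secure-server"]
    if http is None and https is None:
        web_ui = None  # nothing explicit; default depends on the release
    else:
        web_ui = bool(http) or bool(https)
    if not known:
        exposed = None  # not on this page's list; check the advisory
    elif not listed:
        exposed = False
    else:
        exposed = web_ui
    return {
        "version": version,
        "known_release": known,
        "listed_affected": listed,
        "http": http,
        "https": https,
        "web_ui_enabled": web_ui,
        "exposed": exposed,
    }


if __name__ == "__main__":
    for key, value in assess(SAMPLE_SHOW_VERSION, SAMPLE_RUNNING_CONFIG).items():
        print(f"{key:16} {value}")
```

Run it against real output by pasting the two show commands into the sample strings; a device on a listed release with either `ip http server` or `ip http secure-server` present is the case the advisory describes, and a device whose config is silent needs the release-specific default confirmed before being cleared.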

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1904
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1904
value: HIGH

Trust: 1.0

NVD: CVE-2019-1904
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201906-546
value: HIGH

Trust: 0.6

VULHUB: VHN-151446
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1904
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-151446
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ykramarz@cisco.com: CVE-2019-1904
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2019-1904
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-151446 // JVNDB: JVNDB-2019-005714 // CNNVD: CNNVD-201906-546 // NVD: CVE-2019-1904

PROBLEMTYPE DATA

problemtype:CWE-352

Trust: 1.9

sources: VULHUB: VHN-151446 // JVNDB: JVNDB-2019-005714 // NVD: CVE-2019-1904

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201906-546

TYPE

cross-site request forgery

Trust: 0.6

sources: CNNVD: CNNVD-201906-546

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-005714

PATCH

title: cisco-sa-20190612-iosxe-csrf | url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190612-iosxe-csrf

Trust: 0.8

title: Cisco IOS XE Fixes for cross-site request forgery vulnerabilities | url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93779

Trust: 0.6

sources: JVNDB: JVNDB-2019-005714 // CNNVD: CNNVD-201906-546

EXTERNAL IDS

db: NVD | id: CVE-2019-1904

Trust: 2.8

db: BID | id: 108737

Trust: 1.0

db: JVNDB | id: JVNDB-2019-005714

Trust: 0.8

db: CNNVD | id: CNNVD-201906-546

Trust: 0.7

db: AUSCERT | id: ESB-2019.2102

Trust: 0.6

db: VULHUB | id: VHN-151446

Trust: 0.1

sources: VULHUB: VHN-151446 // BID: 108737 // JVNDB: JVNDB-2019-005714 // CNNVD: CNNVD-201906-546 // NVD: CVE-2019-1904

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190612-iosxe-csrf

Trust: 2.0

url:http://www.cisco.com/

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1904

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-1904

Trust: 0.8

url:https://vigilance.fr/vulnerability/cisco-ios-xe-cross-site-request-forgery-via-web-ui-29526

Trust: 0.6

url:https://www.securityfocus.com/bid/108737

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.2102/

Trust: 0.6

sources: VULHUB: VHN-151446 // BID: 108737 // JVNDB: JVNDB-2019-005714 // CNNVD: CNNVD-201906-546 // NVD: CVE-2019-1904

CREDITS

Cisco. This vulnerability was also independently discovered by Mr. James Chambers (Research Scientist) of Red Balloon Security, which reported it to Cisco and worked toward a coordinated disclosure.

Trust: 0.6

sources: CNNVD: CNNVD-201906-546

SOURCES

db: VULHUB | id: VHN-151446
db: BID | id: 108737
db: JVNDB | id: JVNDB-2019-005714
db: CNNVD | id: CNNVD-201906-546
db: NVD | id: CVE-2019-1904

LAST UPDATE DATE

2024-08-14T15:07:40.120000+00:00


SOURCES UPDATE DATE

db: VULHUB | id: VHN-151446 | date: 2019-10-09T00:00:00
db: BID | id: 108737 | date: 2019-06-12T00:00:00
db: JVNDB | id: JVNDB-2019-005714 | date: 2019-06-27T00:00:00
db: CNNVD | id: CNNVD-201906-546 | date: 2019-07-17T00:00:00
db: NVD | id: CVE-2019-1904 | date: 2021-10-18T12:04:49.910

SOURCES RELEASE DATE

db: VULHUB | id: VHN-151446 | date: 2019-06-21T00:00:00
db: BID | id: 108737 | date: 2019-06-12T00:00:00
db: JVNDB | id: JVNDB-2019-005714 | date: 2019-06-27T00:00:00
db: CNNVD | id: CNNVD-201906-546 | date: 2019-06-12T00:00:00
db: NVD | id: CVE-2019-1904 | date: 2019-06-21T03:15:09.513