Sign-up

ID

VAR-201908-0391


CVE

CVE-2019-1885


TITLE

Cisco Integrated Management Controller In OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-008615

DESCRIPTION

A vulnerability in the Redfish protocol of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by sending crafted authenticated commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to inject and execute arbitrary commands on an affected device with root privileges. Both Cisco UCS C-Series and Cisco UCS S-Series are products of Cisco (Cisco). The Cisco UCS C-Series is a C-Series rack server. Cisco UCS S-Series is an S-Series rack server. Integrated Management Controller (IMC) Software is a set of software for managing UCS (Unified Computing System). The software supports HTTP, SSH access, etc., and can perform operations such as starting, shutting down and restarting the server. An operating system command injection vulnerability exists in IMC Software versions prior to 3.0 and Redfish protocol versions prior to 4.0 in Cisco UCS C-Series and S-Series Servers (in single mode) due to insufficient validation of user-submitted input

Trust: 1.8

sources: NVD: CVE-2019-1885 // JVNDB: JVNDB-2019-008615 // VULHUB: VHN-151237 // VULMON: CVE-2019-1885

AFFECTED PRODUCTS

vendor:ciscomodel:integrated management controller supervisorscope:ltversion:3.0\(4k\)

Trust: 1.0

vendor:ciscomodel:integrated management controller supervisorscope:gteversion:4.0.0.0

Trust: 1.0

vendor:ciscomodel:integrated management controller supervisorscope:ltversion:4.0\(2f\)

Trust: 1.0

vendor:ciscomodel:unified computing systemscope:eqversion:4.0\(1c\)hs3

Trust: 1.0

vendor:ciscomodel:integrated management controller supervisorscope:ltversion:4.0\(4b\)

Trust: 1.0

vendor:ciscomodel:integrated management controller supervisorscope:gteversion:3.0.0.0

Trust: 1.0

vendor:ciscomodel:integrated management controller supervisorscope: - version: -

Trust: 0.8

vendor:ciscomodel:unified computing system softwarescope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2019-008615 // NVD: CVE-2019-1885

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1885
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1885
value: HIGH

Trust: 1.0

NVD: CVE-2019-1885
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201908-1714
value: HIGH

Trust: 0.6

VULHUB: VHN-151237
value: HIGH

Trust: 0.1

VULMON: CVE-2019-1885
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-1885
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-151237
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ykramarz@cisco.com: CVE-2019-1885
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2019-1885
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-151237 // VULMON: CVE-2019-1885 // JVNDB: JVNDB-2019-008615 // CNNVD: CNNVD-201908-1714 // NVD: CVE-2019-1885 // NVD: CVE-2019-1885

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.9

sources: VULHUB: VHN-151237 // JVNDB: JVNDB-2019-008615 // NVD: CVE-2019-1885

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-1714

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201908-1714

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-008615

PATCH
title:cisco-sa-20190821-ucs-cimcurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-ucs-cimc
Trust: 0.8
title:Cisco Integrated Management Controller Fixes for operating system command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97308
Trust: 0.6
title:Cisco: Cisco Integrated Management Controller Command Injection Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20190821-ucs-cimc
Trust: 0.1
title: - url:https://github.com/chnzzh/Redfish-CVE-lib 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2019-1885 // 
            
            
            
            JVNDB: JVNDB-2019-008615 // 
            
            
            
            CNNVD: CNNVD-201908-1714

EXTERNAL IDS
db:NVDid:CVE-2019-1885
Trust: 2.6
db:JVNDBid:JVNDB-2019-008615
Trust: 0.8
db:CNNVDid:CNNVD-201908-1714
Trust: 0.7
db:AUSCERTid:ESB-2019.3212
Trust: 0.6
db:VULHUBid:VHN-151237
Trust: 0.1
db:VULMONid:CVE-2019-1885
Trust: 0.1
sources:
            
            
            VULHUB: VHN-151237 // 
            
            
            
            VULMON: CVE-2019-1885 // 
            
            
            
            JVNDB: JVNDB-2019-008615 // 
            
            
            
            CNNVD: CNNVD-201908-1714 // 
            
            
            
            NVD: CVE-2019-1885

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190821-ucs-cimc
Trust: 1.9
url:https://nvd.nist.gov/vuln/detail/cve-2019-1885
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1885
Trust: 0.8
url:https://www.auscert.org.au/bulletins/esb-2019.3212/
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/78.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://github.com/chnzzh/redfish-cve-lib
Trust: 0.1
sources:
            
            
            VULHUB: VHN-151237 // 
            
            
            
            VULMON: CVE-2019-1885 // 
            
            
            
            JVNDB: JVNDB-2019-008615 // 
            
            
            
            CNNVD: CNNVD-201908-1714 // 
            
            
            
            NVD: CVE-2019-1885

SOURCES
db:VULHUBid:VHN-151237
db:VULMONid:CVE-2019-1885
db:JVNDBid:JVNDB-2019-008615
db:CNNVDid:CNNVD-201908-1714
db:NVDid:CVE-2019-1885

LAST UPDATE DATE
2024-11-23T21:59:48.461000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-151237date:2019-10-09T00:00:00
db:VULMONid:CVE-2019-1885date:2019-10-09T00:00:00
db:JVNDBid:JVNDB-2019-008615date:2019-09-04T00:00:00
db:CNNVDid:CNNVD-201908-1714date:2019-09-04T00:00:00
db:NVDid:CVE-2019-1885date:2024-11-21T04:37:36.810

SOURCES RELEASE DATE
db:VULHUBid:VHN-151237date:2019-08-21T00:00:00
db:VULMONid:CVE-2019-1885date:2019-08-21T00:00:00
db:JVNDBid:JVNDB-2019-008615date:2019-09-04T00:00:00
db:CNNVDid:CNNVD-201908-1714date:2019-08-21T00:00:00
db:NVDid:CVE-2019-1885date:2019-08-21T19:15:14.840