Details of VAR-201909-0179

ID

VAR-201909-0179

CVE

CVE-2019-12666

TITLE

Cisco IOS XE Software path traversal vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-010294

DESCRIPTION

A vulnerability in the Guest Shell of Cisco IOS XE Software could allow an authenticated, local attacker to perform directory traversal on the base Linux operating system of Cisco IOS XE Software. The vulnerability is due to incomplete validation of certain commands. An attacker could exploit this vulnerability by first accessing the Guest Shell and then entering specific commands. A successful exploit could allow the attacker to execute arbitrary code on the base Linux operating system

Trust: 1.71

sources: NVD: CVE-2019-12666 // JVNDB: JVNDB-2019-010294 // VULHUB: VHN-144435

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	gte	version:	16.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	gte	version:	16.7	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	lt	version:	16.9.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	lt	version:	16.6.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1b	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.2	Trust: 0.6

sources: JVNDB: JVNDB-2019-010294 // CNNVD: CNNVD-201909-1117 // NVD: CVE-2019-12666

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-12666
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-12666
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-12666
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201909-1117
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-144435
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-12666
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-144435
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

ykramarz@cisco.com:	CVE-2019-12666
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2019-12666
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-144435 // JVNDB: JVNDB-2019-010294 // CNNVD: CNNVD-201909-1117 // NVD: CVE-2019-12666 // NVD: CVE-2019-12666

PROBLEMTYPE DATA

problemtype:

CWE-22

Trust: 1.9

sources: VULHUB: VHN-144435 // JVNDB: JVNDB-2019-010294 // NVD: CVE-2019-12666

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201909-1117

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201909-1117

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-010294

PATCH

title:	cisco-sa-20190925-dt	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-dt	Trust: 0.8
title:	Cisco IOS XE Repair measures for path traversal vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98536	Trust: 0.6

sources: JVNDB: JVNDB-2019-010294 // CNNVD: CNNVD-201909-1117

EXTERNAL IDS

db:	NVD	id:	CVE-2019-12666	Trust: 2.5
db:	JVNDB	id:	JVNDB-2019-010294	Trust: 0.8
db:	CNNVD	id:	CNNVD-201909-1117	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.3615.2	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.3615	Trust: 0.6
db:	VULHUB	id:	VHN-144435	Trust: 0.1

sources: VULHUB: VHN-144435 // JVNDB: JVNDB-2019-010294 // CNNVD: CNNVD-201909-1117 // NVD: CVE-2019-12666

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-dt	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-12666	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12666	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-webui-cmd-injection	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-vman-cmd-injection	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-utd	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-ctspac-dos	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-xss	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-rawtcp-dos	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-sip-alg	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-isdn-data-leak	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iox-gs	Trust: 0.6
url:	httpserv-dos	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-fsdos	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-ftp	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-digsig-bypass	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-ctbypass	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-iosxe-codeexec	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190925-awr	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-ios-xe-directory-traversal-30421	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.3615.2/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.3615/	Trust: 0.6

sources: VULHUB: VHN-144435 // JVNDB: JVNDB-2019-010294 // CNNVD: CNNVD-201909-1117 // NVD: CVE-2019-12666

SOURCES

db:	VULHUB	id:	VHN-144435
db:	JVNDB	id:	JVNDB-2019-010294
db:	CNNVD	id:	CNNVD-201909-1117
db:	NVD	id:	CVE-2019-12666

LAST UPDATE DATE

2024-11-23T21:36:54.347000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-144435	date:	2019-10-09T00:00:00
db:	JVNDB	id:	JVNDB-2019-010294	date:	2019-10-10T00:00:00
db:	CNNVD	id:	CNNVD-201909-1117	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2019-12666	date:	2024-11-21T04:23:18.757

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-144435	date:	2019-09-25T00:00:00
db:	JVNDB	id:	JVNDB-2019-010294	date:	2019-10-10T00:00:00
db:	CNNVD	id:	CNNVD-201909-1117	date:	2019-09-25T00:00:00
db:	NVD	id:	CVE-2019-12666	date:	2019-09-25T21:15:11.453