Details of VAR-201910-0968

ID

VAR-201910-0968

CVE

CVE-2019-15249

TITLE

Cisco SPA100 Series Analog Telephone Adapters Buffer error vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2019-010962 // CNNVD: CNNVD-201910-1130

DESCRIPTION

Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default. Cisco SPA100 Series Analog Telephone Adapters (ATAs) is a SPA100 series analog telephone adapter from Cisco (USA). A buffer overflow vulnerability exists in Cisco SPA100 Series ATAs. The vulnerability stems from the program's failure to properly validate input submitted by users. Code

Trust: 2.25

sources: NVD: CVE-2019-15249 // JVNDB: JVNDB-2019-010962 // CNVD: CNVD-2019-36459 // VULMON: CVE-2019-15249

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-36459

AFFECTED PRODUCTS

vendor:	cisco	model:	spa112	scope:	eq	version:	1.4.1	Trust: 1.6
vendor:	cisco	model:	spa122	scope:	eq	version:	1.4.1	Trust: 1.6
vendor:	cisco	model:	spa112	scope:	lt	version:	1.4.1	Trust: 1.0
vendor:	cisco	model:	spa122	scope:	lt	version:	1.4.1	Trust: 1.0
vendor:	cisco	model:	spa 112	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	spa 122	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	spa100 series atas	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	spa112	scope:	eq	version:	-	Trust: 0.6
vendor:	cisco	model:	spa122	scope:	eq	version:	-	Trust: 0.6

sources: CNVD: CNVD-2019-36459 // JVNDB: JVNDB-2019-010962 // CNNVD: CNNVD-201910-1130 // NVD: CVE-2019-15249

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-15249
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-15249
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-15249
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2019-36459
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201910-1130
value:	HIGH
Trust: 0.6
VULMON:	CVE-2019-15249
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-15249
severity:	MEDIUM
baseScore:	5.2
vectorString:	AV:A/AC:L/AU:S/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	5.1
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2019-36459
severity:	MEDIUM
baseScore:	5.2
vectorString:	AV:A/AC:L/AU:S/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	5.1
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

ykramarz@cisco.com:	CVE-2019-15249
baseSeverity:	HIGH
baseScore:	8.0
vectorString:	CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.1
impactScore:	5.9
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2019-15249
baseSeverity:	HIGH
baseScore:	8.0
vectorString:	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.1
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2019-36459 // VULMON: CVE-2019-15249 // JVNDB: JVNDB-2019-010962 // CNNVD: CNNVD-201910-1130 // NVD: CVE-2019-15249 // NVD: CVE-2019-15249

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2019-010962 // NVD: CVE-2019-15249

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201910-1130

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201910-1130

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-010962

PATCH

title:	cisco-sa-20191016-spa-rce	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-spa-rce	Trust: 0.8
title:	Patch for Cisco SPA100 Series Analog Telephone Adapters Buffer Overflow Vulnerability (CNVD-2019-36459)	url:	https://www.cnvd.org.cn/patchInfo/show/186151	Trust: 0.6
title:	Cisco: Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20191016-spa-rce	Trust: 0.1

sources: CNVD: CNVD-2019-36459 // VULMON: CVE-2019-15249 // JVNDB: JVNDB-2019-010962

EXTERNAL IDS

db:	NVD	id:	CVE-2019-15249	Trust: 3.1
db:	JVNDB	id:	JVNDB-2019-010962	Trust: 0.8
db:	CNVD	id:	CNVD-2019-36459	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.3878	Trust: 0.6
db:	CNNVD	id:	CNNVD-201910-1130	Trust: 0.6
db:	VULMON	id:	CVE-2019-15249	Trust: 0.1

sources: CNVD: CNVD-2019-36459 // VULMON: CVE-2019-15249 // JVNDB: JVNDB-2019-010962 // CNNVD: CNNVD-201910-1130 // NVD: CVE-2019-15249

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191016-spa-rce	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15249	Trust: 2.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15249	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191016-spa-ui-disclosure	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191016-spa-webui-dos	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191016-spa-running-config	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191016-spa-reflected-xss	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191016-spa-credentials	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.3878/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-spa100-series-ata-code-execution-30652	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/169341	Trust: 0.1

sources: CNVD: CNVD-2019-36459 // VULMON: CVE-2019-15249 // JVNDB: JVNDB-2019-010962 // CNNVD: CNNVD-201910-1130 // NVD: CVE-2019-15249

CREDITS

Andrew Orr and Alex Weber of Tenable Inc. .

Trust: 0.6

sources: CNNVD: CNNVD-201910-1130

SOURCES

db:	CNVD	id:	CNVD-2019-36459
db:	VULMON	id:	CVE-2019-15249
db:	JVNDB	id:	JVNDB-2019-010962
db:	CNNVD	id:	CNNVD-201910-1130
db:	NVD	id:	CVE-2019-15249

LAST UPDATE DATE

2024-11-23T21:51:52.754000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-36459	date:	2019-10-22T00:00:00
db:	VULMON	id:	CVE-2019-15249	date:	2019-10-18T00:00:00
db:	JVNDB	id:	JVNDB-2019-010962	date:	2019-10-25T00:00:00
db:	CNNVD	id:	CNNVD-201910-1130	date:	2019-10-21T00:00:00
db:	NVD	id:	CVE-2019-15249	date:	2024-11-21T04:28:17.537

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-36459	date:	2019-10-22T00:00:00
db:	VULMON	id:	CVE-2019-15249	date:	2019-10-16T00:00:00
db:	JVNDB	id:	JVNDB-2019-010962	date:	2019-10-25T00:00:00
db:	CNNVD	id:	CNNVD-201910-1130	date:	2019-10-16T00:00:00
db:	NVD	id:	CVE-2019-15249	date:	2019-10-16T19:15:13.113