Details of VAR-201911-1769

ID

VAR-201911-1769

CVE

CVE-2019-15986

TITLE

Cisco Unity Express In OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-012700

DESCRIPTION

A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input validation for certain CLI commands that are executed on a vulnerable system. An attacker could exploit this vulnerability by logging in to the system and sending crafted CLI commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. Cisco Unity Express (CUE) is a set of voice communication solutions of Cisco (Cisco). The product includes features such as voicemail and Interactive Voice Response (IVR). An operating system command injection vulnerability exists in Cisco CUE prior to 10.1

Trust: 1.71

sources: NVD: CVE-2019-15986 // JVNDB: JVNDB-2019-012700 // VULHUB: VHN-148087

AFFECTED PRODUCTS

vendor:	cisco	model:	unity express	scope:	lt	version:	10.1	Trust: 1.0
vendor:	cisco	model:	unity express	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2019-012700 // NVD: CVE-2019-15986

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-15986
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-15986
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-15986
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201911-1198
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-148087
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-15986
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-148087
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

ykramarz@cisco.com:	CVE-2019-15986
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2019-15986
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-148087 // JVNDB: JVNDB-2019-012700 // CNNVD: CNNVD-201911-1198 // NVD: CVE-2019-15986 // NVD: CVE-2019-15986

PROBLEMTYPE DATA

problemtype:	CWE-78	Trust: 1.9
problemtype:	CWE-20	Trust: 1.0

sources: VULHUB: VHN-148087 // JVNDB: JVNDB-2019-012700 // NVD: CVE-2019-15986

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201911-1198

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201911-1198

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-012700

PATCH

title:	cisco-sa-20191120-unity-exp-comm-inject	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-unity-exp-comm-inject	Trust: 0.8
title:	Cisco Unity Express Fixes for operating system command injection vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103141	Trust: 0.6

sources: JVNDB: JVNDB-2019-012700 // CNNVD: CNNVD-201911-1198

EXTERNAL IDS

db:	NVD	id:	CVE-2019-15986	Trust: 2.5
db:	JVNDB	id:	JVNDB-2019-012700	Trust: 0.8
db:	CNNVD	id:	CNNVD-201911-1198	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.4396	Trust: 0.6
db:	VULHUB	id:	VHN-148087	Trust: 0.1

sources: VULHUB: VHN-148087 // JVNDB: JVNDB-2019-012700 // CNNVD: CNNVD-201911-1198 // NVD: CVE-2019-15986

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191120-unity-exp-comm-inject	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15986	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15986	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2019.4396/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-unity-express-privilege-escalation-via-cli-30929	Trust: 0.6

sources: VULHUB: VHN-148087 // JVNDB: JVNDB-2019-012700 // CNNVD: CNNVD-201911-1198 // NVD: CVE-2019-15986

SOURCES

db:	VULHUB	id:	VHN-148087
db:	JVNDB	id:	JVNDB-2019-012700
db:	CNNVD	id:	CNNVD-201911-1198
db:	NVD	id:	CVE-2019-15986

LAST UPDATE DATE

2024-11-23T22:44:46.936000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-148087	date:	2019-12-09T00:00:00
db:	JVNDB	id:	JVNDB-2019-012700	date:	2019-12-11T00:00:00
db:	CNNVD	id:	CNNVD-201911-1198	date:	2021-11-02T00:00:00
db:	NVD	id:	CVE-2019-15986	date:	2024-11-21T04:29:52.503

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-148087	date:	2019-11-26T00:00:00
db:	JVNDB	id:	JVNDB-2019-012700	date:	2019-12-11T00:00:00
db:	CNNVD	id:	CNNVD-201911-1198	date:	2019-11-20T00:00:00
db:	NVD	id:	CVE-2019-15986	date:	2019-11-26T04:15:11.827