ID

VAR-202002-0701


CVE

CVE-2020-3173


TITLE

Cisco UCS Manager Software Operating System Command Injection Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2020-14762 // CNNVD: CNNVD-202002-1242

DESCRIPTION

A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by including crafted arguments to specific commands on the local management CLI. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges. Cisco UCS Manager The software contains vulnerabilities to inadequate validation of data reliability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state

Trust: 2.16

sources: NVD: CVE-2020-3173 // JVNDB: JVNDB-2020-002445 // CNVD: CNVD-2020-14762

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-14762

AFFECTED PRODUCTS

vendor:ciscomodel:ucs managerscope:gteversion:4.0

Trust: 1.0

vendor:ciscomodel:ucs managerscope:ltversion:4.0\(4c\)

Trust: 1.0

vendor:ciscomodel:ucs managerscope:ltversion:3.2\(3n\)

Trust: 1.0

vendor:ciscomodel:ucs managerscope: - version: -

Trust: 0.8

vendor:ciscomodel:ucs series fabric interconnectsscope:eqversion:6200

Trust: 0.6

vendor:ciscomodel:ucs series fabric interconnectsscope:eqversion:6300

Trust: 0.6

vendor:ciscomodel:ucs series fabric interconnectsscope:eqversion:6400

Trust: 0.6

vendor:ciscomodel:ucs 6248upscope:eqversion: -

Trust: 0.6

vendor:ciscomodel:ucs 6332-16upscope:eqversion: -

Trust: 0.6

vendor:ciscomodel:ucs 6332scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:ucs managerscope:eqversion:4.0

Trust: 0.6

vendor:ciscomodel:ucs managerscope:eqversion:3.2

Trust: 0.6

vendor:ciscomodel:ucs 64108scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:ucs 6324scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:ucs managerscope:eqversion:3.23m

Trust: 0.6

vendor:ciscomodel:ucs 6454scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:ucs 6296upscope:eqversion: -

Trust: 0.6

sources: CNVD: CNVD-2020-14762 // JVNDB: JVNDB-2020-002445 // CNNVD: CNNVD-202002-1242 // NVD: CVE-2020-3173

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3173
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3173
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-002445
value: HIGH

Trust: 0.8

CNVD: CNVD-2020-14762
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202002-1242
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2020-3173
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-002445
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-14762
severity: MEDIUM
baseScore: 6.8
vectorString: AV:L/AC:L/AU:S/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.1
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-3173
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3173
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-002445
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-14762 // JVNDB: JVNDB-2020-002445 // CNNVD: CNNVD-202002-1242 // NVD: CVE-2020-3173 // NVD: CVE-2020-3173

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.8

sources: JVNDB: JVNDB-2020-002445 // NVD: CVE-2020-3173

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202002-1242

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202002-1242

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-002445

PATCH

title:cisco-sa-20200226-ucs-cli-cmdinjurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-ucs-cli-cmdinj\

Trust: 0.8

title:Patch for Cisco UCS Manager Software Operating System Command Injection Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/206177

Trust: 0.6

title:Cisco UCS Manager Software Fixes for operating system command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110819

Trust: 0.6

sources: CNVD: CNVD-2020-14762 // JVNDB: JVNDB-2020-002445 // CNNVD: CNNVD-202002-1242

EXTERNAL IDS

db:NVDid:CVE-2020-3173

Trust: 3.0

db:JVNDBid:JVNDB-2020-002445

Trust: 0.8

db:CNVDid:CNVD-2020-14762

Trust: 0.6

db:AUSCERTid:ESB-2020.0711

Trust: 0.6

db:NSFOCUSid:46032

Trust: 0.6

db:CNNVDid:CNNVD-202002-1242

Trust: 0.6

sources: CNVD: CNVD-2020-14762 // JVNDB: JVNDB-2020-002445 // CNNVD: CNNVD-202002-1242 // NVD: CVE-2020-3173

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2020-3173

Trust: 2.0

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20200226-ucs-cli-cmdinj

Trust: 1.6

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3173

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2020.0711/

Trust: 0.6

url:http://www.nsfocus.net/vulndb/46032

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-ucs-manager-software-privilege-escalation-via-cli-command-injection-31689

Trust: 0.6

sources: CNVD: CNVD-2020-14762 // JVNDB: JVNDB-2020-002445 // CNNVD: CNNVD-202002-1242 // NVD: CVE-2020-3173

CREDITS

Shreyans Mehta of Cequence Security and the CQ Prime Research Team for reporting this attack method.

Trust: 0.6

sources: CNNVD: CNNVD-202002-1242

SOURCES

db:CNVDid:CNVD-2020-14762
db:JVNDBid:JVNDB-2020-002445
db:CNNVDid:CNNVD-202002-1242
db:NVDid:CVE-2020-3173

LAST UPDATE DATE

2024-08-14T14:32:21.933000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2020-14762date:2020-03-01T00:00:00
db:JVNDBid:JVNDB-2020-002445date:2020-03-16T00:00:00
db:CNNVDid:CNNVD-202002-1242date:2020-03-09T00:00:00
db:NVDid:CVE-2020-3173date:2020-03-03T20:57:48.173

SOURCES RELEASE DATE

db:CNVDid:CNVD-2020-14762date:2020-03-01T00:00:00
db:JVNDBid:JVNDB-2020-002445date:2020-03-16T00:00:00
db:CNNVDid:CNNVD-202002-1242date:2020-02-26T00:00:00
db:NVDid:CVE-2020-3173date:2020-02-26T17:15:13.483