Sign-up

ID

VAR-202002-0701


CVE

CVE-2020-3173


TITLE

Cisco UCS Manager Software Operating System Command Injection Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2020-14762 // CNNVD: CNNVD-202002-1242

DESCRIPTION

A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by including crafted arguments to specific commands on the local management CLI. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges. Cisco UCS Manager The software contains vulnerabilities to inadequate validation of data reliability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state

Trust: 2.16

sources: NVD: CVE-2020-3173 // JVNDB: JVNDB-2020-002445 // CNVD: CNVD-2020-14762

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-14762

AFFECTED PRODUCTS

vendor:ciscomodel:ucs managerscope:gteversion:4.0

Trust: 1.0

vendor:ciscomodel:ucs managerscope:ltversion:4.0\(4c\)

Trust: 1.0

vendor:ciscomodel:ucs managerscope:ltversion:3.2\(3n\)

Trust: 1.0

vendor:ciscomodel:ucs managerscope: - version: -

Trust: 0.8

vendor:ciscomodel:ucs series fabric interconnectsscope:eqversion:6200

Trust: 0.6

vendor:ciscomodel:ucs series fabric interconnectsscope:eqversion:6300

Trust: 0.6

vendor:ciscomodel:ucs series fabric interconnectsscope:eqversion:6400

Trust: 0.6

vendor:ciscomodel:ucs 6248upscope:eqversion: -

Trust: 0.6

vendor:ciscomodel:ucs 6332-16upscope:eqversion: -

Trust: 0.6

vendor:ciscomodel:ucs 6332scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:ucs managerscope:eqversion:4.0

Trust: 0.6

vendor:ciscomodel:ucs managerscope:eqversion:3.2

Trust: 0.6

vendor:ciscomodel:ucs 64108scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:ucs 6324scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:ucs managerscope:eqversion:3.23m

Trust: 0.6

vendor:ciscomodel:ucs 6454scope:eqversion: -

Trust: 0.6

vendor:ciscomodel:ucs 6296upscope:eqversion: -

Trust: 0.6

sources: CNVD: CNVD-2020-14762 // JVNDB: JVNDB-2020-002445 // CNNVD: CNNVD-202002-1242 // NVD: CVE-2020-3173

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3173
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3173
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-002445
value: HIGH

Trust: 0.8

CNVD: CNVD-2020-14762
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202002-1242
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2020-3173
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-002445
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-14762
severity: MEDIUM
baseScore: 6.8
vectorString: AV:L/AC:L/AU:S/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.1
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-3173
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3173
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-002445
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-14762 // JVNDB: JVNDB-2020-002445 // CNNVD: CNNVD-202002-1242 // NVD: CVE-2020-3173 // NVD: CVE-2020-3173

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.8

sources: JVNDB: JVNDB-2020-002445 // NVD: CVE-2020-3173

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202002-1242

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202002-1242

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-002445

PATCH
title:cisco-sa-20200226-ucs-cli-cmdinjurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-ucs-cli-cmdinj\
Trust: 0.8
title:Patch for Cisco UCS Manager Software Operating System Command Injection Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/206177
Trust: 0.6
title:Cisco UCS Manager Software Fixes for operating system command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110819
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-14762 // 
            
            
            
            JVNDB: JVNDB-2020-002445 // 
            
            
            
            CNNVD: CNNVD-202002-1242

EXTERNAL IDS
db:NVDid:CVE-2020-3173
Trust: 3.0
db:JVNDBid:JVNDB-2020-002445
Trust: 0.8
db:CNVDid:CNVD-2020-14762
Trust: 0.6
db:AUSCERTid:ESB-2020.0711
Trust: 0.6
db:NSFOCUSid:46032
Trust: 0.6
db:CNNVDid:CNNVD-202002-1242
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-14762 // 
            
            
            
            JVNDB: JVNDB-2020-002445 // 
            
            
            
            CNNVD: CNNVD-202002-1242 // 
            
            
            
            NVD: CVE-2020-3173

REFERENCES
url:https://nvd.nist.gov/vuln/detail/cve-2020-3173
Trust: 2.0
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20200226-ucs-cli-cmdinj
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3173
Trust: 0.8
url:https://www.auscert.org.au/bulletins/esb-2020.0711/
Trust: 0.6
url:http://www.nsfocus.net/vulndb/46032
Trust: 0.6
url:https://vigilance.fr/vulnerability/cisco-ucs-manager-software-privilege-escalation-via-cli-command-injection-31689
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-14762 // 
            
            
            
            JVNDB: JVNDB-2020-002445 // 
            
            
            
            CNNVD: CNNVD-202002-1242 // 
            
            
            
            NVD: CVE-2020-3173

CREDITS
Shreyans Mehta of Cequence Security and the CQ Prime Research Team for reporting this attack method.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202002-1242

SOURCES
db:CNVDid:CNVD-2020-14762
db:JVNDBid:JVNDB-2020-002445
db:CNNVDid:CNNVD-202002-1242
db:NVDid:CVE-2020-3173

LAST UPDATE DATE
2024-08-14T14:32:21.933000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-14762date:2020-03-01T00:00:00
db:JVNDBid:JVNDB-2020-002445date:2020-03-16T00:00:00
db:CNNVDid:CNNVD-202002-1242date:2020-03-09T00:00:00
db:NVDid:CVE-2020-3173date:2020-03-03T20:57:48.173

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-14762date:2020-03-01T00:00:00
db:JVNDBid:JVNDB-2020-002445date:2020-03-16T00:00:00
db:CNNVDid:CNNVD-202002-1242date:2020-02-26T00:00:00
db:NVDid:CVE-2020-3173date:2020-02-26T17:15:13.483