CVE-2018-0099

{"id": "CVE-2018-0099", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2018-01-18T06:29:01.003", "references": [{"url": "http://www.securityfocus.com/bid/102731", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-ntr", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web management GUI of the Cisco D9800 Network Transport Receiver could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of GUI command arguments. An attacker could exploit this vulnerability by injecting crafted arguments into a vulnerable GUI command. An exploit could allow the attacker to execute commands on the underlying BusyBox operating system. These commands are run at the privilege level of the authenticated user. The attacker needs valid device credentials for this attack. Cisco Bug IDs: CSCvg74691."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz gr\u00e1fica de usuario de administraci\u00f3n web de Cisco D9800 Network Transport Receiver podr\u00eda permitir que un atacante remoto autenticado realice un ataque de inyecci\u00f3n de comandos. La vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente de algunos argumentos de comandos de la interfaz de usuario gr\u00e1fica. Un atacante podr\u00eda explotar esta vulnerabilidad inyectando argumentos manipulados en un comando de interfaz de usuario gr\u00e1fica vulnerable. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante ejecute comandos en el sistema operativo BusyBox subyacente. Estos comandos se ejecutan al nivel de privilegios del usuario autenticado. El atacante necesita credenciales del dispositivo v\u00e1lidas para este ataque. Cisco Bug IDs: CSCvg74691."}], "lastModified": "2019-10-09T23:31:13.753", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:d9800_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49C5BD82-05E9-400B-99BE-0430F4206A72"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:d9800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D744F5B3-E319-4AF7-9472-475CEE03BDA9"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}