CVE-2018-0196

A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to write arbitrary files to the operating system of an affected device. The vulnerability is due to insufficient input validation of HTTP requests that are sent to the web UI of the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web UI of the affected software. A successful exploit could allow the attacker to write arbitrary files to the operating system of an affected device. Cisco Bug IDs: CSCvb22645.

CVSS v3 4.9 MEDIUM
CVSS v2.0 4.0 MEDIUM

4.9^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:N/I:P/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.securityfocus.com/bid/103570	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-wfw	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:ios_xe:16.1.2:::::::*
	cpe:2.3:o:cisco:ios_xe:16.2.0:::::::*
	cpe:2.3:o:cisco:ios_xe:16.3\(1\):::::::*

History

No history.

Information

Published : 2018-03-28 22:29

Updated : 2024-02-28 16:25

NVD link : CVE-2018-0196

Mitre link : CVE-2018-0196

CVE.ORG link : CVE-2018-0196

JSON object : View

Products Affected

cisco

ios_xe

CWE

NVD-CWE-Other CWE-20

Improper Input Validation

{"id": "CVE-2018-0196", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.2}]}, "published": "2018-03-28T22:29:02.217", "references": [{"url": "http://www.securityfocus.com/bid/103570", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-wfw", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to write arbitrary files to the operating system of an affected device. The vulnerability is due to insufficient input validation of HTTP requests that are sent to the web UI of the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web UI of the affected software. A successful exploit could allow the attacker to write arbitrary files to the operating system of an affected device. Cisco Bug IDs: CSCvb22645."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de usuario web de Cisco IOS XE Software podr\u00eda permitir que un atacante remoto autenticado escriba archivos arbitrarios en el sistema operativo de un dispositivo afectado. La vulnerabilidad se debe a una validaci\u00f3n de entradas insuficiente de las peticiones HTTP que se env\u00edan a la interfaz web del software afectado. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una petici\u00f3n HTTP manipulada a la interfaz de usuario web del software afectado. Si se explota esta vulnerabilidad con \u00e9xito, el atacante podr\u00eda escribir archivos arbitrarios en el sistema operativo de un dispositivo afectado. Cisco Bug IDs: CSCvb22645."}], "lastModified": "2020-10-22T16:22:55.173", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe:16.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A685A9A-235D-4D74-9D6C-AC49E75709CA"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC820348-1E2E-4791-BF56-419749F02162"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.3\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D08E919C-BC85-49A4-B8FD-21B4C4A10B5D"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}