CVE-2018-0221

{"id": "CVE-2018-0221", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}]}, "published": "2018-03-08T07:29:01.160", "references": [{"url": "http://www.securityfocus.com/bid/103347", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1040471", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-ise6", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/103347", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1040471", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-ise6", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-78"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in specific CLI commands for the Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection to the underlying operating system or cause a hang or disconnect of the user session. The attacker needs valid administrator credentials for the device. The vulnerability is due to incomplete input validation of user input for certain CLI ISE configuration commands. An attacker could exploit this vulnerability by authenticating as an administrative user, issuing a specific CLI command, and entering crafted, malicious user input for the command parameters. An exploit could allow the attacker to perform command injection to the lower-level Linux operating system. It is also possible the attacker could cause the ISE user interface for this management session to hang or disconnect. Cisco Bug IDs: CSCvg95479."}, {"lang": "es", "value": "Una vulnerabilidad en determinados comandos de la interfaz de l\u00ednea de comandos (CLI) para Cisco Identity Services Engine (ISE) podr\u00eda permitir que un atacante local autenticado inyecte comandos en el sistema operativo subyacente o hacer que la sesi\u00f3n del usuario se cuelgue o se desconecte. El atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidos para el dispositivo. La vulnerabilidad se debe a la validaci\u00f3n insuficiente de la entrada de datos por parte del usuario para determinados comandos de configuraci\u00f3n de CLI de ISE. Un atacante podr\u00eda explotar esta vulnerabilidad autentic\u00e1ndose como un usuario administrativo, enviando un comando CLI espec\u00edfico e introduciendo valores de entrada del usuario maliciosos y manipulados para los par\u00e1metros de los comandos. Si se explota esta vulnerabilidad, el atacante podr\u00eda realizar una inyecci\u00f3n de comandos en el sistema operativo Linux de nivel inferior. El atacante tambi\u00e9n podr\u00eda hacer que se desconecte o cuelgue la interfaz de usuario de ISE para esta sesi\u00f3n de administraci\u00f3n. Cisco Bug IDs: CSCvg95479."}], "lastModified": "2024-11-21T03:37:45.760", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.0\\(0.249\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3943D6BB-A91D-4869-A139-470290CD094D"}, {"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.1\\(0.474\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8E53B93-2A49-4B3F-8487-E45D8F70F64C"}, {"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.2\\(0.470\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF54E8D0-76EE-40DE-A971-000C0B66A373"}, {"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.2\\(0.903\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "017A3477-5FA5-4D8D-8C33-14E1209CABA7"}, {"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.3\\(0.298\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "422288B0-9F85-4420-8E5E-83378E099853"}, {"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.4\\(0.192\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2D7369E-33E1-495C-A8A2-0C706FA371E9"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}