CVE-2019-1646

{"id": "CVE-2019-1646", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2019-01-24T15:29:00.643", "references": [{"url": "http://www.securityfocus.com/bid/106723", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-77"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by sending crafted commands to the CLI of an affected device. A successful exploit could allow the attacker to establish an interactive session with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de l\u00ednea de comandos (CLI) local de la soluci\u00f3n Cisco SD-WAN podr\u00eda permitir a un atacante local autenticado escalar privilegios y modificar los archivos de configuraci\u00f3n de dispositivo. La vulnerabilidad existe porque las entradas del usuario no se sanean de manera correcta para determinados comandos en la CLI. Un atacante podr\u00eda explotar esta vulnerabilidad enviando comandos manipulados a la CLI de un dispositivo afectado. Un exploit con \u00e9xito podr\u00eda permitir que el atacante establezca una sesi\u00f3n interactiva con privilegios escalados. Posteriormente, el atacante podr\u00eda utilizar dichos privilegios elevados para comprometer el dispositivo u obtener datos de configuraci\u00f3n adicionales."}], "lastModified": "2020-10-05T19:10:56.130", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8569BEE0-3BDA-4349-9FAC-6ACE0A4E3C28"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93A1525E-AB99-4217-8C31-1F040710B155"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50272035-AE86-4BD5-88FA-929157267BC8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACE381F7-295F-4F05-84B0-3F07E099AD59"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "698D777B-1AB1-4A54-98EC-8948BF287DA9", "versionEndExcluding": "18.4.0"}, {"criteria": "cpe:2.3:a:cisco:vbond_orchestrator:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA648664-0734-4D02-8944-CA4DF4D756D6"}, {"criteria": "cpe:2.3:a:cisco:vmanage_network_management:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDF9528B-1D1E-4CF2-ABA8-D01CC6F4A8BD"}, {"criteria": "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F16884C-A2EE-4867-8806-6418E000078C"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}