cnvd - cnvd-2018-16066

cnvd-2018-16066

Vulnerability from cnvd

Title: Cisco IP Phone 6800、7800、8800系列命令注入漏洞

Description:

Cisco IP Phone 6800、7800和8800 Series都是美国思科（Cisco）公司的不同系列的IP电话产品。Multiplatform Firmware是运行在其中的一套支持多平台的防火墙软件。

Cisco IP Phone 6800、7800和8800使用Multiplatform Firmware 11.2(1)之前版本的系列中存在基于Web的UI存在命令注入漏洞。该漏洞源于输入验证不足。远程认证攻击者可利用该漏洞执行命令注入并以Web服务器权限执行命令。

Severity: 高

Patch Name: Cisco IP Phone 6800、7800、8800系列命令注入漏洞的补丁

Patch Description:

Cisco IP Phone 6800、7800和8800 Series都是美国思科（Cisco）公司的不同系列的IP电话产品。Multiplatform Firmware是运行在其中的一套支持多平台的防火墙软件。

Cisco IP Phone 6800、7800和8800使用Multiplatform Firmware 11.2(1)之前版本的系列中存在基于Web的UI存在命令注入漏洞。该漏洞源于输入验证不足。远程认证攻击者可利用该漏洞执行命令注入并以Web服务器权限执行命令。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布漏洞修复程序，请及时关注更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-phone-webui-inject

Reference: https://nvd.nist.gov/vuln/detail/CVE-2018-0341

Impacted products

Name
['Cisco IP Phone 6800 Series with Multiplatform Firmware 11.0(2)', 'Cisco IP Phone 8800 Series with Multiplatform Firmware 11.0(2)', 'Cisco IP Phone 7800 Series with Multiplatform Firmware 11.0(2)']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "104731"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-0341"
    }
  },
  "description": "Cisco IP Phone 6800\u30017800\u548c8800 Series\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e0d\u540c\u7cfb\u5217\u7684IP\u7535\u8bdd\u4ea7\u54c1\u3002Multiplatform Firmware\u662f\u8fd0\u884c\u5728\u5176\u4e2d\u7684\u4e00\u5957\u652f\u6301\u591a\u5e73\u53f0\u7684\u9632\u706b\u5899\u8f6f\u4ef6\u3002\r\n\r\nCisco IP Phone 6800\u30017800\u548c8800\u4f7f\u7528Multiplatform Firmware 11.2(1)\u4e4b\u524d\u7248\u672c\u7684\u7cfb\u5217\u4e2d\u5b58\u5728\u57fa\u4e8eWeb\u7684UI\u5b58\u5728\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8f93\u5165\u9a8c\u8bc1\u4e0d\u8db3\u3002\u8fdc\u7a0b\u8ba4\u8bc1\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u547d\u4ee4\u6ce8\u5165\u5e76\u4ee5Web\u670d\u52a1\u5668\u6743\u9650\u6267\u884c\u547d\u4ee4\u3002",
  "discovererName": "The vendor reported this issue",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-phone-webui-inject",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-16066",
  "openTime": "2018-08-23",
  "patchDescription": "Cisco IP Phone 6800\u30017800\u548c8800 Series\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e0d\u540c\u7cfb\u5217\u7684IP\u7535\u8bdd\u4ea7\u54c1\u3002Multiplatform Firmware\u662f\u8fd0\u884c\u5728\u5176\u4e2d\u7684\u4e00\u5957\u652f\u6301\u591a\u5e73\u53f0\u7684\u9632\u706b\u5899\u8f6f\u4ef6\u3002\r\n\r\nCisco IP Phone 6800\u30017800\u548c8800\u4f7f\u7528Multiplatform Firmware 11.2(1)\u4e4b\u524d\u7248\u672c\u7684\u7cfb\u5217\u4e2d\u5b58\u5728\u57fa\u4e8eWeb\u7684UI\u5b58\u5728\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8f93\u5165\u9a8c\u8bc1\u4e0d\u8db3\u3002\u8fdc\u7a0b\u8ba4\u8bc1\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u547d\u4ee4\u6ce8\u5165\u5e76\u4ee5Web\u670d\u52a1\u5668\u6743\u9650\u6267\u884c\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco IP Phone 6800\u30017800\u30018800\u7cfb\u5217\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco IP Phone 6800 Series with Multiplatform Firmware 11.0(2)",
      "Cisco IP Phone 8800 Series with Multiplatform Firmware  11.0(2)",
      "Cisco IP Phone 7800 Series with Multiplatform Firmware 11.0(2)"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-0341",
  "serverity": "\u9ad8",
  "submitTime": "2018-07-12",
  "title": "Cisco IP Phone 6800\u30017800\u30018800\u7cfb\u5217\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e"
}

CVE-2018-0341 (GCVE-0-2018-0341)

Vulnerability from cvelistv5

Published

2018-07-16 17:00

Modified

2024-11-29 14:55

Severity ?

CWE

CWE-77

Summary

A vulnerability in the web-based UI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware before 11.2(1) could allow an authenticated, remote attacker to perform a command injection and execute commands with the privileges of the web server. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including arbitrary shell commands in a specific user input field. Cisco Bug IDs: CSCvi51426.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-phone-webui-inject	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/104731	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1041285	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	Cisco IP Phone 6800, 7800, and 8800 unknown	Version: Cisco IP Phone 6800, 7800, and 8800 unknown

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:15.498Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-phone-webui-inject"
          },
          {
            "name": "104731",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104731"
          },
          {
            "name": "1041285",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041285"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0341",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-29T14:41:49.674632Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-29T14:55:26.418Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IP Phone 6800, 7800, and 8800 unknown",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco IP Phone 6800, 7800, and 8800 unknown"
            }
          ]
        }
      ],
      "datePublic": "2018-07-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web-based UI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware before 11.2(1) could allow an authenticated, remote attacker to perform a command injection and execute commands with the privileges of the web server. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including arbitrary shell commands in a specific user input field. Cisco Bug IDs: CSCvi51426."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-17T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-phone-webui-inject"
        },
        {
          "name": "104731",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104731"
        },
        {
          "name": "1041285",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041285"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0341",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IP Phone 6800, 7800, and 8800 unknown",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco IP Phone 6800, 7800, and 8800 unknown"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web-based UI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware before 11.2(1) could allow an authenticated, remote attacker to perform a command injection and execute commands with the privileges of the web server. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including arbitrary shell commands in a specific user input field. Cisco Bug IDs: CSCvi51426."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-77"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-phone-webui-inject",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-phone-webui-inject"
            },
            {
              "name": "104731",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104731"
            },
            {
              "name": "1041285",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041285"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0341",
    "datePublished": "2018-07-16T17:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-29T14:55:26.418Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted