cnvd - cnvd-2019-02811

cnvd-2019-02811

Vulnerability from cnvd

Title: Cisco Identity Services Engine访问控制错误漏洞

Description:

Cisco Identity Services Engine（ISE）是美国思科（Cisco）公司的一款基于身份的环境感知平台（ISE身份服务引擎）。该平台通过收集网络、用户和设备中的实时信息，制定并实施相应策略来监管网络。

Cisco ISE中的管理Web界面存在访问控制错误漏洞，远程攻击者可通过使用管理员账户向设备进行身份验证并发送特制的HTTP请求利用该漏洞获取其他额外的权限。

Severity: 高

Patch Name: Cisco Identity Services Engine访问控制错误漏洞的补丁

Patch Description:

Cisco ISE中的管理Web界面存在访问控制错误漏洞，远程攻击者可通过使用管理员账户向设备进行身份验证并发送特制的HTTP请求利用该漏洞获取其他额外的权限。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-ise-privilege

Reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-ise-privilege

Impacted products

Name
Cisco Identity Services Engine 无

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-15459"
    }
  },
  "description": "Cisco Identity Services Engine\uff08ISE\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u57fa\u4e8e\u8eab\u4efd\u7684\u73af\u5883\u611f\u77e5\u5e73\u53f0\uff08ISE\u8eab\u4efd\u670d\u52a1\u5f15\u64ce\uff09\u3002\u8be5\u5e73\u53f0\u901a\u8fc7\u6536\u96c6\u7f51\u7edc\u3001\u7528\u6237\u548c\u8bbe\u5907\u4e2d\u7684\u5b9e\u65f6\u4fe1\u606f\uff0c\u5236\u5b9a\u5e76\u5b9e\u65bd\u76f8\u5e94\u7b56\u7565\u6765\u76d1\u7ba1\u7f51\u7edc\u3002\n\nCisco ISE\u4e2d\u7684\u7ba1\u7406Web\u754c\u9762\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u4f7f\u7528\u7ba1\u7406\u5458\u8d26\u6237\u5411\u8bbe\u5907\u8fdb\u884c\u8eab\u4efd\u9a8c\u8bc1\u5e76\u53d1\u9001\u7279\u5236\u7684HTTP\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u5176\u4ed6\u989d\u5916\u7684\u6743\u9650\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-ise-privilege",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-02811",
  "openTime": "2019-01-25",
  "patchDescription": "Cisco Identity Services Engine\uff08ISE\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u57fa\u4e8e\u8eab\u4efd\u7684\u73af\u5883\u611f\u77e5\u5e73\u53f0\uff08ISE\u8eab\u4efd\u670d\u52a1\u5f15\u64ce\uff09\u3002\u8be5\u5e73\u53f0\u901a\u8fc7\u6536\u96c6\u7f51\u7edc\u3001\u7528\u6237\u548c\u8bbe\u5907\u4e2d\u7684\u5b9e\u65f6\u4fe1\u606f\uff0c\u5236\u5b9a\u5e76\u5b9e\u65bd\u76f8\u5e94\u7b56\u7565\u6765\u76d1\u7ba1\u7f51\u7edc\u3002\r\n\r\nCisco ISE\u4e2d\u7684\u7ba1\u7406Web\u754c\u9762\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u4f7f\u7528\u7ba1\u7406\u5458\u8d26\u6237\u5411\u8bbe\u5907\u8fdb\u884c\u8eab\u4efd\u9a8c\u8bc1\u5e76\u53d1\u9001\u7279\u5236\u7684HTTP\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u5176\u4ed6\u989d\u5916\u7684\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Identity Services Engine\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco Identity Services Engine \u65e0"
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-ise-privilege",
  "serverity": "\u9ad8",
  "submitTime": "2019-01-24",
  "title": "Cisco Identity Services Engine\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2018-15459 (GCVE-0-2018-15459)

Vulnerability from cvelistv5

Published

2019-01-23 22:00

Modified

2024-11-20 17:30

Severity ?

6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-284

Summary

A vulnerability in the administrative web interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to gain additional privileges on an affected device. The vulnerability is due to improper controls on certain pages in the web interface. An attacker could exploit this vulnerability by authenticating to the device with an administrator account and sending a crafted HTTP request. A successful exploit could allow the attacker to create additional Admin accounts with different user roles. An attacker could then use these accounts to perform actions within their scope. The attacker would need valid Admin credentials for the device. This vulnerability cannot be exploited to add a Super Admin account.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-ise-privilege	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/106707	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Identity Services Engine Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:03.512Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190123 Cisco Identity Services Engine Privilege Escalation Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-ise-privilege"
          },
          {
            "name": "106707",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106707"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-15459",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-20T16:56:17.419074Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-20T17:30:09.990Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Identity Services Engine Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-01-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the administrative web interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to gain additional privileges on an affected device. The vulnerability is due to improper controls on certain pages in the web interface. An attacker could exploit this vulnerability by authenticating to the device with an administrator account and sending a crafted HTTP request. A successful exploit could allow the attacker to create additional Admin accounts with different user roles. An attacker could then use these accounts to perform actions within their scope. The attacker would need valid Admin credentials for the device. This vulnerability cannot be exploited to add a Super Admin account."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-01-25T10:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190123 Cisco Identity Services Engine Privilege Escalation Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-ise-privilege"
        },
        {
          "name": "106707",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106707"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190123-ise-privilege",
        "defect": [
          [
            "CSCvi44041"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Identity Services Engine Privilege Escalation Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-01-23T16:00:00-0800",
          "ID": "CVE-2018-15459",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Identity Services Engine Privilege Escalation Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Identity Services Engine Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the administrative web interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to gain additional privileges on an affected device. The vulnerability is due to improper controls on certain pages in the web interface. An attacker could exploit this vulnerability by authenticating to the device with an administrator account and sending a crafted HTTP request. A successful exploit could allow the attacker to create additional Admin accounts with different user roles. An attacker could then use these accounts to perform actions within their scope. The attacker would need valid Admin credentials for the device. This vulnerability cannot be exploited to add a Super Admin account."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.5",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190123 Cisco Identity Services Engine Privilege Escalation Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-ise-privilege"
            },
            {
              "name": "106707",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106707"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190123-ise-privilege",
          "defect": [
            [
              "CSCvi44041"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-15459",
    "datePublished": "2019-01-23T22:00:00Z",
    "dateReserved": "2018-08-17T00:00:00",
    "dateUpdated": "2024-11-20T17:30:09.990Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted