cnvd - cnvd-2019-22206

cnvd-2019-22206

Vulnerability from cnvd

Title: Cisco Unified Communications Domain Manager安全绕过漏洞

Description:

Cisco Unified Communications Domain Manager（CUCDM）是美国思科（Cisco）公司的一款专用于统一通信解决方案中的呼叫处理组件。该组件具备可扩展、可分布、高度可用的企业IP语音呼叫处理功能。

Cisco Unified CDM 11.5(3) PB3及之前版本中的CLI存在安全漏洞，该漏洞源于程序未能充分地验证shell命令。本地攻击者可利用该漏洞绕过被限制的shell，访问命令。

Severity: 中

Patch Name: Cisco Unified Communications Domain Manager安全绕过漏洞的补丁

Patch Description:

Cisco Unified CDM 11.5(3) PB3及之前版本中的CLI存在安全漏洞，该漏洞源于程序未能充分地验证shell命令。本地攻击者可利用该漏洞绕过被限制的shell，访问命令。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvj07167

Reference: http://www.securityfocus.com/bid/109051

Impacted products

Name
Cisco Cisco Unified Communications Domain Manager（CUCDM） <=11.5(3) PB3

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "109051"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-1911",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-1911"
    }
  },
  "description": "Cisco Unified Communications Domain Manager\uff08CUCDM\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u4e13\u7528\u4e8e\u7edf\u4e00\u901a\u4fe1\u89e3\u51b3\u65b9\u6848\u4e2d\u7684\u547c\u53eb\u5904\u7406\u7ec4\u4ef6\u3002\u8be5\u7ec4\u4ef6\u5177\u5907\u53ef\u6269\u5c55\u3001\u53ef\u5206\u5e03\u3001\u9ad8\u5ea6\u53ef\u7528\u7684\u4f01\u4e1aIP\u8bed\u97f3\u547c\u53eb\u5904\u7406\u529f\u80fd\u3002\n\nCisco Unified CDM 11.5(3) PB3\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u7684CLI\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5145\u5206\u5730\u9a8c\u8bc1shell\u547d\u4ee4\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u88ab\u9650\u5236\u7684shell\uff0c\u8bbf\u95ee\u547d\u4ee4\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://bst.cloudapps.cisco.com/bugsearch/bug/CSCvj07167",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-22206",
  "openTime": "2019-07-12",
  "patchDescription": "Cisco Unified Communications Domain Manager\uff08CUCDM\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u4e13\u7528\u4e8e\u7edf\u4e00\u901a\u4fe1\u89e3\u51b3\u65b9\u6848\u4e2d\u7684\u547c\u53eb\u5904\u7406\u7ec4\u4ef6\u3002\u8be5\u7ec4\u4ef6\u5177\u5907\u53ef\u6269\u5c55\u3001\u53ef\u5206\u5e03\u3001\u9ad8\u5ea6\u53ef\u7528\u7684\u4f01\u4e1aIP\u8bed\u97f3\u547c\u53eb\u5904\u7406\u529f\u80fd\u3002\r\n\r\nCisco Unified CDM 11.5(3) PB3\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u7684CLI\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5145\u5206\u5730\u9a8c\u8bc1shell\u547d\u4ee4\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u88ab\u9650\u5236\u7684shell\uff0c\u8bbf\u95ee\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Unified Communications Domain Manager\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco Cisco Unified Communications Domain Manager\uff08CUCDM\uff09 \u003c=11.5(3) PB3"
  },
  "referenceLink": "http://www.securityfocus.com/bid/109051",
  "serverity": "\u4e2d",
  "submitTime": "2019-07-11",
  "title": "Cisco Unified Communications Domain Manager\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2019-1911 (GCVE-0-2019-1911)

Vulnerability from cvelistv5

Published

2019-07-06 01:20

Modified

2024-11-21 19:19

Severity ?

5.3 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-216

Summary

A vulnerability in the CLI of Cisco Unified Communications Domain Manager (Cisco Unified CDM) Software could allow an authenticated, local attacker to escape the restricted shell. The vulnerability is due to insufficient input validation of shell commands. An attacker could exploit this vulnerability by executing crafted commands in the shell. A successful exploit could allow the attacker to escape the restricted shell and access commands in the context of the restricted shell user, which does not have root privileges.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-cucdm-rsh	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Unified Communications Domain Manager	Version: unspecified < 11.5(3)PB4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:35:50.818Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190703 Cisco Unified Communications Domain Manager Restricted Shell Escape Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-cucdm-rsh"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1911",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:57:55.924230Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:19:56.233Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Unified Communications Domain Manager",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "11.5(3)PB4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-07-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the CLI of Cisco Unified Communications Domain Manager (Cisco Unified CDM) Software could allow an authenticated, local attacker to escape the restricted shell. The vulnerability is due to insufficient input validation of shell commands. An attacker could exploit this vulnerability by executing crafted commands in the shell. A successful exploit could allow the attacker to escape the restricted shell and access commands in the context of the restricted shell user, which does not have root privileges."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-216",
              "description": "CWE-216",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-06T01:20:10",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190703 Cisco Unified Communications Domain Manager Restricted Shell Escape Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-cucdm-rsh"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190703-cucdm-rsh",
        "defect": [
          [
            "CSCvj07167"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Unified Communications Domain Manager Restricted Shell Escape Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-07-03T16:00:00-0700",
          "ID": "CVE-2019-1911",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Unified Communications Domain Manager Restricted Shell Escape Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Unified Communications Domain Manager",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "11.5(3)PB4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the CLI of Cisco Unified Communications Domain Manager (Cisco Unified CDM) Software could allow an authenticated, local attacker to escape the restricted shell. The vulnerability is due to insufficient input validation of shell commands. An attacker could exploit this vulnerability by executing crafted commands in the shell. A successful exploit could allow the attacker to escape the restricted shell and access commands in the context of the restricted shell user, which does not have root privileges."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-216"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190703 Cisco Unified Communications Domain Manager Restricted Shell Escape Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-cucdm-rsh"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190703-cucdm-rsh",
          "defect": [
            [
              "CSCvj07167"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1911",
    "datePublished": "2019-07-06T01:20:10.457679Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-21T19:19:56.233Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted