cnvd - cnvd-2019-36452

cnvd-2019-36452

Vulnerability from cnvd

Title: Cisco SPA100 Series Analog Telephone Adapters缓冲区溢出漏洞（CNVD-2019-36452）

Description:

Cisco SPA100 Series Analog Telephone Adapters（ATAs）是美国思科（Cisco）公司的一款SPA100系列模拟电话适配器。

Cisco SPA100 Series ATAs中存在缓冲区溢出漏洞，该漏洞源于程序未能正确验证用户提交的输入，攻击者可通过对该管理界面进行身份验证并发送特制的请求利用该漏洞以提升的权限执行任意代码。

Severity: 中

Patch Name: Cisco SPA100 Series Analog Telephone Adapters缓冲区溢出漏洞（CNVD-2019-36452）的补丁

Patch Description:

Cisco SPA100 Series Analog Telephone Adapters（ATAs）是美国思科（Cisco）公司的一款SPA100系列模拟电话适配器。

Cisco SPA100 Series ATAs中存在缓冲区溢出漏洞，该漏洞源于程序未能正确验证用户提交的输入，攻击者可通过对该管理界面进行身份验证并发送特制的请求利用该漏洞以提升的权限执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-spa-rce

Reference: https://nvd.nist.gov/vuln/detail/CVE-2019-15247 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-spa-rce

Impacted products

Name
Cisco SPA100 Series ATAs

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-15247"
    }
  },
  "description": "Cisco SPA100 Series Analog Telephone Adapters\uff08ATAs\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u6b3eSPA100\u7cfb\u5217\u6a21\u62df\u7535\u8bdd\u9002\u914d\u5668\u3002\n\nCisco SPA100 Series ATAs\u4e2d\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u9a8c\u8bc1\u7528\u6237\u63d0\u4ea4\u7684\u8f93\u5165\uff0c\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5bf9\u8be5\u7ba1\u7406\u754c\u9762\u8fdb\u884c\u8eab\u4efd\u9a8c\u8bc1\u5e76\u53d1\u9001\u7279\u5236\u7684\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee5\u63d0\u5347\u7684\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-spa-rce",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-36452",
  "openTime": "2019-10-22",
  "patchDescription": "Cisco SPA100 Series Analog Telephone Adapters\uff08ATAs\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u6b3eSPA100\u7cfb\u5217\u6a21\u62df\u7535\u8bdd\u9002\u914d\u5668\u3002\r\n\r\nCisco SPA100 Series ATAs\u4e2d\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u9a8c\u8bc1\u7528\u6237\u63d0\u4ea4\u7684\u8f93\u5165\uff0c\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5bf9\u8be5\u7ba1\u7406\u754c\u9762\u8fdb\u884c\u8eab\u4efd\u9a8c\u8bc1\u5e76\u53d1\u9001\u7279\u5236\u7684\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee5\u63d0\u5347\u7684\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco SPA100 Series Analog Telephone Adapters\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2019-36452\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco SPA100 Series ATAs"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-15247\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-spa-rce",
  "serverity": "\u4e2d",
  "submitTime": "2019-10-18",
  "title": "Cisco SPA100 Series Analog Telephone Adapters\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2019-36452\uff09"
}

CVE-2019-15247 (GCVE-0-2019-15247)

Vulnerability from cvelistv5

Published

2019-10-16 18:36

Modified

2024-11-20 17:05

Severity ?

8.0 (High) - CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-119

Summary

Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-spa-rce	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco SPA112 2-Port Phone Adapter	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:42:04.028Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20191016 Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-spa-rce"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-15247",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-20T16:50:56.636080Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-20T17:05:58.143Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco SPA112 2-Port Phone Adapter",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-10-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-16T18:36:34",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20191016 Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-spa-rce"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20191016-spa-rce",
        "defect": [
          [
            "CSCvq50494"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-10-16T16:00:00-0700",
          "ID": "CVE-2019-15247",
          "STATE": "PUBLIC",
          "TITLE": "Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco SPA112 2-Port Phone Adapter",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.0",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20191016 Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-spa-rce"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20191016-spa-rce",
          "defect": [
            [
              "CSCvq50494"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-15247",
    "datePublished": "2019-10-16T18:36:34.526160Z",
    "dateReserved": "2019-08-20T00:00:00",
    "dateUpdated": "2024-11-20T17:05:58.143Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted