Published on July 6th, 2019 📆 | 6083 Views ⚑
0Cisco Enterprise NFV Infrastructure Software Configuration File privilege escalation
CVSS Meta Temp Score | Current Exploit Price (β) |
---|---|
7.5 | $0-$5k |
A vulnerability classified as critical has been found in Cisco Enterprise NFV Infrastructure Software (the affected version unknown). This affects an unknown code of the component Configuration File Handler. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying the issue as CWE-269. This is going to have an impact on confidentiality, integrity, and availability.
The weakness was released 07/06/2019 as cisco-sa-20190703-nfvis-comman as confirmed advisory (Website). The advisory is shared at tools.cisco.com. This vulnerability is uniquely identified as CVE-2019-1893 since 12/06/2018. An attack has to be approached locally. The successful exploitation needs a single authentication. Neither technical details nor an exploit are publicly available. The price for an exploit might be around USD $0-$5k at the moment (estimation calculated on 07/06/2019).
Upgrading eliminates this vulnerability.
Entry connected to this vulnerability is available at 137422.
Vendor
Name
VulDB Meta Base Score: 7.8
VulDB Meta Temp Score: 7.5
VulDB Base Score: 7.8
VulDB Temp Score: 7.5
VulDB Vector: π
VulDB Reliability: π
AV | AC | Au | C | I | A |
---|---|---|---|---|---|
π | π | π | π | π | π |
π | π | π | π | π | π |
π | π | π | π | π | π |
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: π
VulDB Temp Score: π
VulDB Reliability: π
Class: Privilege escalation (CWE-269)
Local: Yes
Remote: No
Availability: π
Status: Not defined
Price Prediction: π
Current Price Estimation: π
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Threat: π
Adversaries: π
Geopolitics: π
Economy: π
Predictions: π
Remediation: πRecommended: Upgrade
Status: π
0-Day Time: π
12/06/2018 CVE assigned
07/06/2019 Advisory disclosed
07/06/2019 VulDB entry created
07/06/2019 VulDB last updateVendor: cisco.com
Advisory: cisco-sa-20190703-nfvis-comman
Status: Confirmed
CVE: CVE-2019-1893 (π)
See also: π
Created: 07/06/2019 10:11 AM
Complete: π
Comments
Use the official API to access entries easily!
https://vuldb.com/?id.137421
No comments yet. Please log in to comment.