CVE-2019-12643 – Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-12643
A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on the managed Cisco IOS XE device. The vulnerability is due to an improper check performed by the area of code that manages the REST API authentication service. An attacker could exploit this vulnerability by submitting malicious HTTP requests to the targeted device. A successful exploit could allow the attacker to obtain the token-id of an authenticated user. This token-id could be used to bypass authentication and execute privileged actions through the interface of the REST API virtual service container on the affected Cisco IOS XE device. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-iosxe-rest-auth-bypass • CWE-287: Improper Authentication •
CVE-2019-1862 – Cisco IOS XE Software Web UI Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2019-1862
A vulnerability in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attacker who has valid administrator access to an affected device could exploit this vulnerability by supplying a crafted input parameter on a form in the Web UI and then submitting that form. A successful exploit could allow the attacker to run arbitrary commands on the device with root privileges, which may lead to complete system compromise. Una vulnerabilidad en la interfaz de usuario basada en web (Web UI) de Cisco IOS XE Software podría permitir a un atacante remoto autenticado ejecutar comandos en el shell Linux subyacente de un dispositivo afectado con privilegios de root. • http://www.securityfocus.com/bid/108331 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-webui https://www.kb.cert.org/vuls/id/400865 • CWE-20: Improper Input Validation •
CVE-2019-1649 – Cisco Secure Boot Hardware Tampering Vulnerability
https://notcve.org/view.php?id=CVE-2019-1649
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. • http://www.securityfocus.com/bid/108350 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot https://www.kb.cert.org/vuls/id/400865 https://www.us-cert.gov/ics/advisories/icsa-20-072-03 • CWE-284: Improper Access Control CWE-667: Improper Locking •
CVE-2019-1759 – Cisco IOS XE Software Gigabit Ethernet Management Interface Access Control List Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-1759
A vulnerability in access control list (ACL) functionality of the Gigabit Ethernet Management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the Gigabit Ethernet Management interface. The vulnerability is due to a logic error that was introduced in the Cisco IOS XE Software 16.1.1 Release, which prevents the ACL from working when applied against the management interface. An attacker could exploit this issue by attempting to access the device via the management interface. Una vulnerabilidad en la funcionalidad de listas de control de acceso (ACL) de la interfaz Gigabit Ethernet Management del software Cisco IOS XE podría permitir que un atacante remoto no autenticado alcance las direcciones IP configuradas de la interfaz Gigabit Ethernet Management. La vulnerabilidad se debe a un error de lógica que se introdujo en la versión 16.1.1 del software Cisco IOS XE, que evita que la ACL trabaje cuando se aplica contra la interfaz de gestión. • https://github.com/r3m0t3nu11/CVE-2019-1759-csrf-js-rce http://www.securityfocus.com/bid/107660 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-mgmtacl • CWE-284: Improper Access Control CWE-287: Improper Authentication •
CVE-2019-1760 – Cisco IOS XE Software Performance Routing Version 3 Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1760
A vulnerability in Performance Routing Version 3 (PfRv3) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload. The vulnerability is due to the processing of malformed smart probe packets. An attacker could exploit this vulnerability by sending specially crafted smart probe packets at the affected device. A successful exploit could allow the attacker to reload the device, resulting in a denial of service (DoS) attack on an affected system. Una vulnerabilidad en Performance Routing Version 3 (PfRv3) del software Cisco IOS XE podría permitir que un atacante remoto no autenticado provoque que el dispositivo afectado se recargue. • http://www.securityfocus.com/bid/107611 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-pfrv3 • CWE-20: Improper Input Validation •