Details of VAR-201908-1016

ID

VAR-201908-1016

CVE

CVE-2019-1912

TITLE

Cisco Small Business 220 Series Smart Switche Authorization vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-007727

DESCRIPTION

A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files. The vulnerability is due to incomplete authorization checks in the web management interface. An attacker could exploit this vulnerability by sending a malicious request to certain parts of the web management interface. Depending on the configuration of the affected switch, the malicious request must be sent via HTTP or HTTPS. A successful exploit could allow the attacker to modify the configuration of an affected device or to inject a reverse shell. This vulnerability affects Cisco Small Business 220 Series Smart Switches running firmware versions prior to 1.1.4.4 with the web management interface enabled. The web management interface is enabled via both HTTP and HTTPS by default

Trust: 2.16

sources: NVD: CVE-2019-1912 // JVNDB: JVNDB-2019-007727 // CNVD: CNVD-2019-34794

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-34794

AFFECTED PRODUCTS

vendor:	cisco	model:	sg220-28mp	scope:	lt	version:	1.1.4.4	Trust: 1.0
vendor:	cisco	model:	sf220-24p	scope:	lt	version:	1.1.4.4	Trust: 1.0
vendor:	cisco	model:	sf-220-24	scope:	lt	version:	1.1.4.4	Trust: 1.0
vendor:	cisco	model:	sg220-26	scope:	lt	version:	1.1.4.4	Trust: 1.0
vendor:	cisco	model:	sg220-28	scope:	lt	version:	1.1.4.4	Trust: 1.0
vendor:	cisco	model:	sf220-48	scope:	lt	version:	1.1.4.4	Trust: 1.0
vendor:	cisco	model:	sg220-26p	scope:	lt	version:	1.1.4.4	Trust: 1.0
vendor:	cisco	model:	sf220-48p	scope:	lt	version:	1.1.4.4	Trust: 1.0
vendor:	cisco	model:	sg220-50p	scope:	lt	version:	1.1.4.4	Trust: 1.0
vendor:	cisco	model:	sg220-52	scope:	lt	version:	1.1.4.4	Trust: 1.0
vendor:	cisco	model:	sg220-50	scope:	lt	version:	1.1.4.4	Trust: 1.0
vendor:	cisco	model:	sf220-24	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	sf220-24p	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	sf220-48	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	sf220-48p	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	sg220-26	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	sg220-26p	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	sg220-28	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	sg220-28mp	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	sg220-50	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	sg220-50p	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	series smart switch	scope:	eq	version:	220<1.1.4.4	Trust: 0.6

sources: CNVD: CNVD-2019-34794 // JVNDB: JVNDB-2019-007727 // NVD: CVE-2019-1912

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2019-1912
value:	CRITICAL
Trust: 1.8
ykramarz@cisco.com:	CVE-2019-1912
value:	CRITICAL
Trust: 1.0
CNVD:	CNVD-2019-34794
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201908-422
value:	CRITICAL
Trust: 0.6

NVD:
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2019-1912
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2019-34794
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

NVD:
baseSeverity:	CRITICAL
baseScore:	9.1
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.2
version:	3.1
Trust: 1.0
ykramarz@cisco.com:
baseSeverity:	CRITICAL
baseScore:	9.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.2
version:	3.0
Trust: 1.0
NVD:	CVE-2019-1912
baseSeverity:	CRITICAL
baseScore:	9.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2019-34794 // JVNDB: JVNDB-2019-007727 // NVD: CVE-2019-1912 // NVD: CVE-2019-1912 // CNNVD: CNNVD-201908-422

PROBLEMTYPE DATA

problemtype:	CWE-863	Trust: 1.0
problemtype:	CWE-285	Trust: 0.8

sources: JVNDB: JVNDB-2019-007727 // NVD: CVE-2019-1912

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-422

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201908-422

CONFIGURATIONS

sources: NVD: CVE-2019-1912

PATCH

title:	cisco-sa-20190806-sb220-auth_bypass	url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190806-sb220-auth_bypass	Trust: 0.8
title:	Patch for Cisco Small Business 220 Series Smart Switches Licensing Issue Vulnerability	url:	https://www.cnvd.org.cn/patchinfo/show/184643	Trust: 0.6
title:	Cisco Small Business 220 Series Smart Switches Remediation measures for authorization problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=96167	Trust: 0.6

sources: CNVD: CNVD-2019-34794 // JVNDB: JVNDB-2019-007727 // CNNVD: CNNVD-201908-422

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1912	Trust: 3.0
db:	PACKETSTORM	id:	154667	Trust: 1.6
db:	JVNDB	id:	JVNDB-2019-007727	Trust: 0.8
db:	CNVD	id:	CNVD-2019-34794	Trust: 0.6
db:	EXPLOIT-DB	id:	47442	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.2960	Trust: 0.6
db:	CNNVD	id:	CNNVD-201908-422	Trust: 0.6

sources: CNVD: CNVD-2019-34794 // JVNDB: JVNDB-2019-007727 // NVD: CVE-2019-1912 // CNNVD: CNNVD-201908-422

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2019-1912	Trust: 2.0
url:	http://packetstormsecurity.com/files/154667/realtek-managed-switch-controller-rtl83xx-stack-overflow.html	Trust: 1.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190806-sb220-auth_bypass	Trust: 1.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1912	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190806-sb220-inject	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190806-sb220-rce	Trust: 0.6
url:	https://www.exploit-db.com/exploits/47442	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.2960/	Trust: 0.6

sources: CNVD: CNVD-2019-34794 // JVNDB: JVNDB-2019-007727 // NVD: CVE-2019-1912 // CNNVD: CNNVD-201908-422

CREDITS

security researcher bashis through the VDOO Disclosure Program.

Trust: 0.6

sources: CNNVD: CNNVD-201908-422

SOURCES

db:	CNVD	id:	CNVD-2019-34794
db:	JVNDB	id:	JVNDB-2019-007727
db:	NVD	id:	CVE-2019-1912
db:	CNNVD	id:	CNNVD-201908-422

LAST UPDATE DATE

2023-12-18T13:38:13.368000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-34794	date:	2019-10-12T00:00:00
db:	JVNDB	id:	JVNDB-2019-007727	date:	2019-08-20T00:00:00
db:	NVD	id:	CVE-2019-1912	date:	2020-10-16T14:36:22.600
db:	CNNVD	id:	CNNVD-201908-422	date:	2020-10-19T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-34794	date:	2019-10-12T00:00:00
db:	JVNDB	id:	JVNDB-2019-007727	date:	2019-08-20T00:00:00
db:	NVD	id:	CVE-2019-1912	date:	2019-08-07T06:15:11.337
db:	CNNVD	id:	CNNVD-201908-422	date:	2019-08-06T00:00:00