CVE-2019-12650 - Vulnerability Details

Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.13421.

Exploitation none

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Cisco

Cisco IOS XE Software 3.2.11aSG

affected

Version	Status	Constraints
`unspecified`	affected	< n/a

Configuration 1 [-]

cpe:2.3:o:cisco:ios:16.11.1:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:cisco:ios_xe:16.6.5:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:asr_1001-x:-:::::::*
	cpe:2.3:h:cisco:asr_1002-hx:-:::::::*
	cpe:2.3:h:cisco:asr_1006-x:-:::::::*
	cpe:2.3:h:cisco:asr_1009-x:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-24pd:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-24pdm:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-48fq:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-48fqm:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-12x48u:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-24u:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-24xs:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-24xu:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-48u:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-48xs:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-40:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-80:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-cl:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-l:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-l-c:-:::::::*
	cpe:2.3:h:cisco:catalyst_9800-l-f:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200-24p:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200-24t:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200-48p:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200-48t:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-24p:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-24s:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-24t:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-24u:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-24ux:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48p:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48s:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48t:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48u:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48un:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:::::::*
cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:::::::*
cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:::::::*
cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:::::::*
cpe:2.3:h:cisco:catalyst_c9500-12q:-:::::::*
cpe:2.3:h:cisco:catalyst_c9500-16x:-:::::::*
cpe:2.3:h:cisco:catalyst_c9500-24q:-:::::::*
cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:::::::*
cpe:2.3:h:cisco:catalyst_c9500-32c:-:::::::*
cpe:2.3:h:cisco:catalyst_c9500-32qc:-:::::::*
cpe:2.3:h:cisco:catalyst_c9500-40x:-:::::::*
cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:::::::*
cpe:2.3:h:cisco:integrated_services_virtual_router:-:::::::*

Configuration 3 [-]

AND

cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-24pd:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-24pdm:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-48fq:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-48fqm:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-12x48u:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-24u:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-24xs:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-24xu:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-48u:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-48xs:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:::::::*
	cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200-24p:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200-24t:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200-48p:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200-48t:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-24p:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-24s:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-24t:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-24u:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-24ux:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48p:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48s:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48t:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48u:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48un:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-12q:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-16x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-24q:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-32c:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-32qc:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-40x:-:::::::*
	cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:::::::*
	cpe:2.3:h:cisco:cloud_services_router_1000v:-:::::::*

No data.

Project Subscriptions

Vendors	Products
Cisco Subscribe	1100-4p Integrated Services Router Subscribe 1100-8p Integrated Services Router Subscribe 1101-4p Integrated Services Router Subscribe 1109-2p Integrated Services Router Subscribe 1109-4p Integrated Services Router Subscribe 1111x-8p Integrated Services Router Subscribe Asr 1001-x Subscribe Asr 1002-hx Subscribe Asr 1006-x Subscribe Asr 1009-x Subscribe Catalyst 3650-12x48uq Subscribe Catalyst 3650-12x48ur Subscribe Catalyst 3650-12x48uz Subscribe Catalyst 3650-24pd Subscribe Catalyst 3650-24pdm Subscribe Catalyst 3650-48fq Subscribe Catalyst 3650-48fqm Subscribe Catalyst 3650-8x24uq Subscribe Catalyst 3850-12x48u Subscribe Catalyst 3850-24u Subscribe Catalyst 3850-24xs Subscribe Catalyst 3850-24xu Subscribe Catalyst 3850-48u Subscribe Catalyst 3850-48xs Subscribe Catalyst 3850-nm-2-40g Subscribe Catalyst 3850-nm-8-10g Subscribe Catalyst 9800-40 Subscribe Catalyst 9800-80 Subscribe Catalyst 9800-cl Subscribe Catalyst 9800-l Subscribe Catalyst 9800-l-c Subscribe Catalyst 9800-l-f Subscribe Catalyst C9200-24p Subscribe Catalyst C9200-24t Subscribe Catalyst C9200-48p Subscribe Catalyst C9200-48t Subscribe Catalyst C9200l-24p-4g Subscribe Catalyst C9200l-24p-4x Subscribe Catalyst C9200l-24pxg-2y Subscribe Catalyst C9200l-24pxg-4x Subscribe Catalyst C9200l-24t-4g Subscribe Catalyst C9200l-24t-4x Subscribe Catalyst C9200l-48p-4g Subscribe Catalyst C9200l-48p-4x Subscribe Catalyst C9200l-48pxg-2y Subscribe Catalyst C9200l-48pxg-4x Subscribe Catalyst C9200l-48t-4g Subscribe Catalyst C9200l-48t-4x Subscribe Catalyst C9300-24p Subscribe Catalyst C9300-24s Subscribe Catalyst C9300-24t Subscribe Catalyst C9300-24u Subscribe Catalyst C9300-24ux Subscribe Catalyst C9300-48p Subscribe Catalyst C9300-48s Subscribe Catalyst C9300-48t Subscribe Catalyst C9300-48u Subscribe Catalyst C9300-48un Subscribe Catalyst C9300-48uxm Subscribe Catalyst C9300l-24p-4g Subscribe Catalyst C9300l-24p-4x Subscribe Catalyst C9300l-24t-4g Subscribe Catalyst C9300l-24t-4x Subscribe Catalyst C9300l-48p-4g Subscribe Catalyst C9300l-48p-4x Subscribe Catalyst C9300l-48t-4g Subscribe Catalyst C9300l-48t-4x Subscribe Catalyst C9500-12q Subscribe Catalyst C9500-16x Subscribe Catalyst C9500-24q Subscribe Catalyst C9500-24y4c Subscribe Catalyst C9500-32c Subscribe Catalyst C9500-32qc Subscribe Catalyst C9500-40x Subscribe Catalyst C9500-48y4c Subscribe Cloud Services Router 1000v Subscribe Integrated Services Virtual Router Subscribe Ios Subscribe Ios Xe Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection

History

Thu, 21 Nov 2024 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2019-09-25T20:05:12.419865Z

Updated: 2024-11-21T19:14:26.806Z

Reserved: 2019-06-04T00:00:00

Link: CVE-2019-12650

Vulnrichment

Updated: 2024-08-04T23:24:39.291Z

NVD

Status : Modified

Published: 2019-09-25T20:15:10.650

Modified: 2024-11-21T04:23:15.763

Link: CVE-2019-12650

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Exploitation none

Automatable no

Technical Impact partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object