A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input on the command-line interface. An attacker could exploit this vulnerability by authenticating with read-only privileges via the CLI of an affected device and submitting crafted input to the affected commands. A successful exploit could allow an attacker to execute arbitrary commands on the device with root privileges.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2019-08-21T18:20:38.194916Z
Updated: 2024-09-16T20:37:49.710Z
Reserved: 2018-12-06T00:00:00
Link: CVE-2019-1883
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-08-21T19:15:14.637
Modified: 2023-03-31T15:57:12.207
Link: CVE-2019-1883
Redhat
No data.