SB2019082204 - Multiple vulnerabilities in Cisco Integrated Management Controller

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) OS Command Injection (CVE-ID: CVE-2019-1850)

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to insufficient validation of user-supplied input in the web-based management interface. A remote authenticated administrator can send specially crafted commands to the administrative web management interface and execute arbitrary system-level commands with root privileges on the target device.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

This vulnerability affects the following Cisco products that are running Cisco IMC Software:

• UCS C-Series and S-Series Servers in standalone mode
• UCS E-Series Servers
  
• 5000 Series Enterprise Network Compute System (ENCS) Platforms
  

2) Buffer overflow (CVE-ID: CVE-2019-1871)

The vulnerability allows a remote attacker to cause a denial of service (DoS) condition and execute arbitrary code on the target system.

The vulnerability exists due to improper bounds checking by the import-config process in the Import Cisco IMC configuration utility. A remote authenticated attacker can send a specially crafted packets, trigger memory corruption and execute arbitrary code on the target device.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

This vulnerability affects the following Cisco products that are running Cisco IMC Software:

• UCS C-Series and S-Series Servers in standalone mode 
• UCS E-Series Servers
• 5000 Series Enterprise Network Compute System (ENCS) Platform

3) OS Command Injection (CVE-ID: CVE-2019-1883)

The vulnerability allows a local attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to insufficient validation of user-supplied input in the command-line interface. A local authenticated attacker with read-only privileges can submit crafted input to the affected CLI commands and execute arbitrary OS commands on the target device with root privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

This vulnerability affects the following Cisco products that are running Cisco IMC Software:

• UCS C-Series and S-Series Servers in standalone mode
• UCS E-Series Servers that are running Cisco IMC Software
  
• 5000 Series Enterprise Network Compute System (ENCS) Platforms
  

Remediation

Install update from vendor's website.

References

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1850
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-bo
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-cimc-cli-inject