CVE-2018-0324 - OpenCVE

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters in the CLI parser. An attacker could exploit this vulnerability by invoking a vulnerable CLI command with crafted malicious parameters. An exploit could allow the attacker to execute arbitrary commands with a non-root user account on the underlying Linux operating system of the affected device. Cisco Bug IDs: CSCvi09723.

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Network Functions Virtualization Infrastructure

Configuration 1 [-]

OR	cpe:2.3:a:cisco:network_functions_virtualization_infrastructure:3.6.1:::::::*
	cpe:2.3:a:cisco:network_functions_virtualization_infrastructure:3.6.2:::::::*
	cpe:2.3:a:cisco:network_functions_virtualization_infrastructure:3.7.1:::::::*

References

Link	Resource
http://www.securityfocus.com/bid/104208	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-nfvis-cli-command-injection	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2018-05-17T03:00:00

Updated: 2018-05-19T09:57:01

Reserved: 2017-11-27T00:00:00

Link: CVE-2018-0324

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-05-17T03:29:00.763

Modified: 2020-09-04T18:34:58.313

Link: CVE-2018-0324

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Cisco Enterprise NFV Infrastructure Software", "vendor": "n/a", "versions": [{"status": "affected", "version": "Cisco Enterprise NFV Infrastructure Software"}]}], "datePublic": "2018-05-16T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters in the CLI parser. An attacker could exploit this vulnerability by invoking a vulnerable CLI command with crafted malicious parameters. An exploit could allow the attacker to execute arbitrary commands with a non-root user account on the underlying Linux operating system of the affected device. Cisco Bug IDs: CSCvi09723."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-77", "description": "CWE-77", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-05-19T09:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-nfvis-cli-command-injection"}, {"name": "104208", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/104208"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2018-0324", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Enterprise NFV Infrastructure Software", "version": {"version_data": [{"version_value": "Cisco Enterprise NFV Infrastructure Software"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters in the CLI parser. An attacker could exploit this vulnerability by invoking a vulnerable CLI command with crafted malicious parameters. An exploit could allow the attacker to execute arbitrary commands with a non-root user account on the underlying Linux operating system of the affected device. Cisco Bug IDs: CSCvi09723."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-77"}]}]}, "references": {"reference_data": [{"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-nfvis-cli-command-injection", "refsource": "CONFIRM", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-nfvis-cli-command-injection"}, {"name": "104208", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104208"}]}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2018-0324", "datePublished": "2018-05-17T03:00:00", "dateReserved": "2017-11-27T00:00:00", "dateUpdated": "2018-05-19T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:network_functions_virtualization_infrastructure:3.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "0973CD91-EAA5-4D6B-B93F-3FDB3ACD1FA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:network_functions_virtualization_infrastructure:3.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "CC22342E-9624-49B4-B982-557858C34680", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:network_functions_virtualization_infrastructure:3.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4BBC296-B394-4B88-B0D3-080FD00FA180", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters in the CLI parser. An attacker could exploit this vulnerability by invoking a vulnerable CLI command with crafted malicious parameters. An exploit could allow the attacker to execute arbitrary commands with a non-root user account on the underlying Linux operating system of the affected device. Cisco Bug IDs: CSCvi09723."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de l\u00ednea de comandos de Cisco Enterprise NFV Infrastructure Software podr\u00eda permitir que un atacante local autenticado con altos privilegios realice un ataque de inyecci\u00f3n de comandos. La vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente de algunos par\u00e1metros de comandos en el analizador sint\u00e1ctico de la interfaz de l\u00ednea de comandos. Un atacante podr\u00eda explotar esta vulnerabilidad invocando un comando espec\u00edfico de la interfaz de l\u00ednea de comandos con par\u00e1metros maliciosos manipulados. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante ejecute comandos arbitrarios con una cuenta de usuario no root al sistema operativo Linux subyacente en el dispositivo afectado. Cisco Bug IDs: CSCvi09723."}], "id": "CVE-2018-0324", "lastModified": "2020-09-04T18:34:58.313", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-05-17T03:29:00.763", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104208"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-nfvis-cli-command-injection"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-77"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}