A vulnerability was found in Cisco UCS Fabric Interconnect Software (Virtualization Software) (the affected version unknown). It has been declared as critical. Affected by this vulnerability is an unknown part of the component CLI. The manipulation with an unknown input leads to a access control vulnerability. The CWE definition for the vulnerability is CWE-264. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:

A vulnerability in a specific CLI command within the local management (local-mgmt) context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand options present for a specific CLI command within the local-mgmt context. An attacker could exploit this vulnerability by authenticating to an affected device, entering the local-mgmt context, and issuing a specific CLI command and submitting user input. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device. The attacker would need to have valid user credentials for the device.

The weakness was shared 08/30/2019 as cisco-sa-20190828-ucs-privesca as confirmed advisory (Website). The advisory is shared at tools.cisco.com. This vulnerability is known as CVE-2019-1966 since 12/06/2018. An attack has to be approached locally. A single authentication is necessary for exploitation. Neither technical details nor an exploit are publicly available. MITRE ATT&CK project uses the attack technique T1068 for this issue.

Upgrading eliminates this vulnerability.

Productinfo

Type

• Virtualization Software

Vendor

• Cisco

Name

• UCS Fabric Interconnect Software

License

• commercial

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion