CVE-2018-15380

A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent attacker to execute commands as the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting to the cluster service manager and injecting commands into the bound process. A successful exploit could allow the attacker to run commands on the affected host as the root user. This vulnerability affects Cisco HyperFlex Software releases prior to 3.5(2a).

CVSS v3 8.8 HIGH
CVSS v2.0 8.3 HIGH

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector : AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability : 2.8 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

8.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:A/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 6.5 / Impact : 10.0

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.securityfocus.com/bid/107095	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyperflex-injection	Vendor Advisory
http://www.securityfocus.com/bid/107095	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyperflex-injection	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:hyperflex_hx_data_platform:3.0\(1a\):::::::*
	cpe:2.3:a:cisco:hyperflex_hx_data_platform:3.5\(1a\):::::::*

History

21 Nov 2024, 03:50

Type	Values Removed	Values Added
References	~~() http://www.securityfocus.com/bid/107095 - Third Party Advisory, VDB Entry~~	() http://www.securityfocus.com/bid/107095 - Third Party Advisory, VDB Entry
References	~~() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyperflex-injection - Vendor Advisory~~	() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyperflex-injection - Vendor Advisory

Information

Published : 2019-02-20 23:29

Updated : 2024-11-21 03:50

NVD link : CVE-2018-15380

Mitre link : CVE-2018-15380

CVE.ORG link : CVE-2018-15380

JSON object : View

Products Affected

cisco

hyperflex_hx_data_platform

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

{"id": "CVE-2018-15380", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 8.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2019-02-20T23:29:00.193", "references": [{"url": "http://www.securityfocus.com/bid/107095", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyperflex-injection", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/107095", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyperflex-injection", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-78"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent attacker to execute commands as the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting to the cluster service manager and injecting commands into the bound process. A successful exploit could allow the attacker to run commands on the affected host as the root user. This vulnerability affects Cisco HyperFlex Software releases prior to 3.5(2a)."}, {"lang": "es", "value": "Una vulnerabilidad en el gestor del servicio de cl\u00fasters de Cisco HyperFlex Software podr\u00eda permitir que un atacante adyacente sin autenticar ejecute comandos como el usuario root. Esta vulnerabilidad se debe a una validaci\u00f3n de entradas insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad conect\u00e1ndose al gestor del servicio de cl\u00fasters e inyectando comandos en el proceso enlazado. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante ejecute comandos en el host afectado como el usuario root. Esta vulnerabilidad afecta a Cisco HyperFlex Software en distribuciones anteriores a la 3.5(2a)."}], "lastModified": "2024-11-21T03:50:39.917", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:hyperflex_hx_data_platform:3.0\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94607F74-2E39-450A-8DC8-ACB6550FF4EB"}, {"criteria": "cpe:2.3:a:cisco:hyperflex_hx_data_platform:3.5\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C41C76CE-3A77-49BE-B1A7-FC5982CA5504"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}

8.8 /10