{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-25T05:13:49.393","vulnerabilities":[{"cve":{"id":"CVE-2019-1634","sourceIdentifier":"psirt@cisco.com","published":"2019-08-21T19:15:14.043","lastModified":"2024-11-21T04:36:58.597","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Intelligent Platform Management Interface (IPMI) of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input validation of user-supplied commands. An attacker who has administrator privileges and access to the network where the IPMI resides could exploit this vulnerability by submitting crafted input to the affected commands. A successful exploit could allow the attacker to gain root privileges on the affected device."},{"lang":"es","value":"Una vulnerabilidad en la Interfaz de administración de plataforma inteligente (IPMI) de Cisco Integrated Management Controller (IMC) podría permitir que un atacante remoto autenticado inyecte comandos arbitrarios que se ejecutan con privilegios de raíz en el sistema operativo (SO) subyacente. La vulnerabilidad se debe a una validación de entrada insuficiente de los comandos proporcionados por el usuario. Un atacante que tenga privilegios de administrador y acceso a la red donde reside el IPMI podría aprovechar esta vulnerabilidad al enviar una entrada diseñada a los comandos afectados. Una explotación exitosa podría permitir al atacante obtener privilegios de root en el dispositivo afectado."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_computing_system:4.0\\(1c\\)hs3:*:*:*:*:*:*:*","matchCriteriaId":"39F8601E-730B-489B-AD2A-FD10FAF28595"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5.0.0","versionEndExcluding":"1.5\\(9g\\)","matchCriteriaId":"AD570463-F539-47E7-B455-9376BD3EE99D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0.0","versionEndExcluding":"2.0\\(13o\\)","matchCriteriaId":"416F7C96-3EF0-4B6D-B414-3FC0D0848144"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0.0","versionEndExcluding":"3.0\\(4k\\)","matchCriteriaId":"0056011A-04F0-4185-8EE7-B1B30CAAA863"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0.0","versionEndExcluding":"4.0\\(4b\\)","matchCriteriaId":"59EE9E78-D09E-4069-BC84-ED42E3EE76F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*","matchCriteriaId":"678F3A32-372A-441E-8115-95181FBAF628"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*","matchCriteriaId":"01AE8153-6C23-46AB-BEAA-A6F27FDFEED7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*","matchCriteriaId":"DF77273F-73C0-40EB-BB4E-75269D46F074"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*","matchCriteriaId":"757958F5-F58C-4128-B128-D989A56ACA34"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*","matchCriteriaId":"F62D6B73-1AB7-4B93-A92E-275E78DF114C"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*","matchCriteriaId":"A0E6AAD9-824C-4126-8347-2FF1895E6D33"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*","matchCriteriaId":"3BD31E5A-518C-482F-A926-383ADCC7015E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*","matchCriteriaId":"155D990F-C7DA-48DD-92CC-18542DBBE572"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*","matchCriteriaId":"ADD4A429-F168-460B-A964-8F1BD94C6387"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*","matchCriteriaId":"BD25964B-08B7-477E-A507-5FE5EE7CD286"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*","matchCriteriaId":"2FDC8A69-0914-44C1-8AEA-262E0A285C81"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0.0","versionEndExcluding":"4.0\\(2f\\)","matchCriteriaId":"F5549F4C-CF65-4F22-9675-EFAA99964CA0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*","matchCriteriaId":"678F3A32-372A-441E-8115-95181FBAF628"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*","matchCriteriaId":"01AE8153-6C23-46AB-BEAA-A6F27FDFEED7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*","matchCriteriaId":"DF77273F-73C0-40EB-BB4E-75269D46F074"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*","matchCriteriaId":"757958F5-F58C-4128-B128-D989A56ACA34"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*","matchCriteriaId":"F62D6B73-1AB7-4B93-A92E-275E78DF114C"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*","matchCriteriaId":"A0E6AAD9-824C-4126-8347-2FF1895E6D33"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*","matchCriteriaId":"3BD31E5A-518C-482F-A926-383ADCC7015E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*","matchCriteriaId":"155D990F-C7DA-48DD-92CC-18542DBBE572"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*","matchCriteriaId":"ADD4A429-F168-460B-A964-8F1BD94C6387"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*","matchCriteriaId":"BD25964B-08B7-477E-A507-5FE5EE7CD286"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*","matchCriteriaId":"2FDC8A69-0914-44C1-8AEA-262E0A285C81"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinject-1634","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinject-1634","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}