{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T09:22:11.772","vulnerabilities":[{"cve":{"id":"CVE-2019-1865","sourceIdentifier":"psirt@cisco.com","published":"2019-08-21T19:15:14.420","lastModified":"2024-11-21T04:37:34.050","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by invoking an interface monitoring mechanism with a crafted argument on the affected software. A successful exploit could allow the attacker to inject and execute arbitrary, system-level commands with root privileges on an affected device."},{"lang":"es","value":"Una vulnerabilidad en la interfaz de administración basada en la web del software Cisco Integrated Management Controller (IMC) podría permitir que un atacante remoto autenticado inyecte comandos arbitrarios que se ejecutan con privilegios de root en un dispositivo afectado. La vulnerabilidad se debe a una validación insuficiente de las entradas proporcionadas por el usuario por el software afectado. Un atacante podría aprovechar esta vulnerabilidad invocando un mecanismo de monitoreo de interfaz con un argumento diseñado sobre el software afectado. Una explotación exitosa podría permitir al atacante inyectar y ejecutar comandos arbitrarios a nivel de sistema con privilegios de root en un dispositivo afectado."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_computing_system:4.0\\(1c\\)hs3:*:*:*:*:*:*:*","matchCriteriaId":"39F8601E-730B-489B-AD2A-FD10FAF28595"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5.0.0","versionEndExcluding":"1.5\\(9g\\)","matchCriteriaId":"AD570463-F539-47E7-B455-9376BD3EE99D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0.0","versionEndExcluding":"2.0\\(13o\\)","matchCriteriaId":"416F7C96-3EF0-4B6D-B414-3FC0D0848144"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0.0","versionEndExcluding":"3.0\\(4k\\)","matchCriteriaId":"0056011A-04F0-4185-8EE7-B1B30CAAA863"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0.0","versionEndExcluding":"4.0\\(4b\\)","matchCriteriaId":"59EE9E78-D09E-4069-BC84-ED42E3EE76F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*","matchCriteriaId":"678F3A32-372A-441E-8115-95181FBAF628"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*","matchCriteriaId":"01AE8153-6C23-46AB-BEAA-A6F27FDFEED7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*","matchCriteriaId":"DF77273F-73C0-40EB-BB4E-75269D46F074"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*","matchCriteriaId":"757958F5-F58C-4128-B128-D989A56ACA34"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*","matchCriteriaId":"F62D6B73-1AB7-4B93-A92E-275E78DF114C"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*","matchCriteriaId":"A0E6AAD9-824C-4126-8347-2FF1895E6D33"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*","matchCriteriaId":"3BD31E5A-518C-482F-A926-383ADCC7015E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*","matchCriteriaId":"155D990F-C7DA-48DD-92CC-18542DBBE572"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*","matchCriteriaId":"ADD4A429-F168-460B-A964-8F1BD94C6387"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*","matchCriteriaId":"BD25964B-08B7-477E-A507-5FE5EE7CD286"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*","matchCriteriaId":"2FDC8A69-0914-44C1-8AEA-262E0A285C81"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0.0","versionEndExcluding":"4.0\\(1d\\)","matchCriteriaId":"1D094D51-8F25-430F-99C4-1A734CAA63E4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*","matchCriteriaId":"678F3A32-372A-441E-8115-95181FBAF628"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*","matchCriteriaId":"01AE8153-6C23-46AB-BEAA-A6F27FDFEED7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*","matchCriteriaId":"DF77273F-73C0-40EB-BB4E-75269D46F074"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*","matchCriteriaId":"757958F5-F58C-4128-B128-D989A56ACA34"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*","matchCriteriaId":"F62D6B73-1AB7-4B93-A92E-275E78DF114C"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*","matchCriteriaId":"A0E6AAD9-824C-4126-8347-2FF1895E6D33"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*","matchCriteriaId":"3BD31E5A-518C-482F-A926-383ADCC7015E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*","matchCriteriaId":"155D990F-C7DA-48DD-92CC-18542DBBE572"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*","matchCriteriaId":"ADD4A429-F168-460B-A964-8F1BD94C6387"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*","matchCriteriaId":"BD25964B-08B7-477E-A507-5FE5EE7CD286"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*","matchCriteriaId":"2FDC8A69-0914-44C1-8AEA-262E0A285C81"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0.0","versionEndExcluding":"4.0\\(2c\\)","matchCriteriaId":"B9AB71C7-E751-4390-84B0-D88794FE2E5A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*","matchCriteriaId":"678F3A32-372A-441E-8115-95181FBAF628"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*","matchCriteriaId":"01AE8153-6C23-46AB-BEAA-A6F27FDFEED7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*","matchCriteriaId":"DF77273F-73C0-40EB-BB4E-75269D46F074"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*","matchCriteriaId":"757958F5-F58C-4128-B128-D989A56ACA34"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*","matchCriteriaId":"F62D6B73-1AB7-4B93-A92E-275E78DF114C"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*","matchCriteriaId":"A0E6AAD9-824C-4126-8347-2FF1895E6D33"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e168d-m2:-:*:*:*:*:*:*:*","matchCriteriaId":"3BD31E5A-518C-482F-A926-383ADCC7015E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*","matchCriteriaId":"155D990F-C7DA-48DD-92CC-18542DBBE572"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*","matchCriteriaId":"ADD4A429-F168-460B-A964-8F1BD94C6387"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*","matchCriteriaId":"BD25964B-08B7-477E-A507-5FE5EE7CD286"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*","matchCriteriaId":"2FDC8A69-0914-44C1-8AEA-262E0A285C81"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1865","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-cmdinj-1865","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}