{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T20:01:02.687","vulnerabilities":[{"cve":{"id":"CVE-2019-1935","sourceIdentifier":"psirt@cisco.com","published":"2019-08-21T19:15:15.277","lastModified":"2024-11-21T04:37:43.173","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which has default user credentials. The vulnerability is due to the presence of a documented default account with an undocumented default password and incorrect permission settings for that account. Changing the default password for this account is not enforced during the installation of the product. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the scpuser account. This includes full read and write access to the system's database."},{"lang":"es","value":"Una vulnerabilidad en Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, y Cisco UCS Director Express for Big Data podría permitir que un atacante remoto no autenticado inicie sesión en la CLI de un sistema afectado utilizando la cuenta de usuario SCP (scpuser) , que tiene credenciales de usuario predeterminadas. La vulnerabilidad se debe a la presencia de una cuenta predeterminada documentada con una contraseña predeterminada no documentada y una configuración de permisos incorrecta para esa cuenta. El cambio de la contraseña predeterminada para esta cuenta no se aplica durante la instalación del producto. Un atacante podría aprovechar esta vulnerabilidad utilizando la cuenta para iniciar sesión en un sistema afectado. Una explotación exitosa podría permitir al atacante ejecutar comandos arbitrarios con los privilegios de la cuenta scpuser. Esto incluye acceso completo de lectura y escritura a la base de datos del sistema."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-798"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*","versionStartIncluding":"2.2.0.0","versionEndIncluding":"2.2.0.6","matchCriteriaId":"B97B4B36-28E2-4550-B766-BA10DE00A33D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"512DAB16-F482-424A-AC39-69977B775AA4"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director:6.0.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F5F6460C-AD67-4B0A-A900-798E7A2A92C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director:6.5.0.0:*:*:*:*:*:*:*","matchCriteriaId":"1DB174AA-261E-4252-AF4E-463EB72309D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director:6.6.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F95E9D60-7976-4CFB-B36B-0BC6675FA383"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director:6.6.1.0:*:*:*:*:*:*:*","matchCriteriaId":"4E99B2DD-0E27-42FE-AE41-BE9FE8E78D4F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director:6.7\\(0.0.67265\\):*:*:*:*:*:*:*","matchCriteriaId":"DDB592A9-56F6-422A-9698-09AFB96BE298"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director:6.7.0.0:*:*:*:*:*:*:*","matchCriteriaId":"53FB8D53-BF77-443F-947A-79A6268CCC5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director:6.7.1.0:*:*:*:*:*:*:*","matchCriteriaId":"D16313A1-5D0B-4C91-B476-A9352A11AEE4"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.0.0.0:*:*:*:*:*:*:*","matchCriteriaId":"93BE2DF4-CD88-407C-BDF6-ADD6001E3822"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.5.0.0:*:*:*:*:*:*:*","matchCriteriaId":"8D361A6E-1F55-4CB0-97A3-A96042E7AFB8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.6.0.0:*:*:*:*:*:*:*","matchCriteriaId":"451ABC79-936F-469E-B1D8-ADB3EDCA52F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.7.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0D842353-38D3-4F67-BAAC-EFEBDA7511D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.7.1.0:*:*:*:*:*:*:*","matchCriteriaId":"C4B9E1E3-F91D-4EB6-B7FA-8BC72DC38006"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/154239/Cisco-UCS-IMC-Supervisor-Authentication-Bypass-Command-Injection.html","source":"psirt@cisco.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/154305/Cisco-UCS-Director-Default-scpuser-Password.html","source":"psirt@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2019/Aug/36","source":"psirt@cisco.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://seclists.org/bugtraq/2019/Aug/49","source":"psirt@cisco.com","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imcs-usercred","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"http://packetstormsecurity.com/files/154239/Cisco-UCS-IMC-Supervisor-Authentication-Bypass-Command-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/154305/Cisco-UCS-Director-Default-scpuser-Password.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2019/Aug/36","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://seclists.org/bugtraq/2019/Aug/49","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imcs-usercred","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}