CVE-2019-1935 (CNNVD-201908-1721)

CRITICAL 有利用代码
中文标题:
Cisco Integrated Management Controller Supervisor、Cisco UCS Director和Cisco UCS Director Express for Big Data 信任管理问题漏洞
英文标题:
Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data SCP User Default Credentials Vulnerability
CVSS分数: 9.8
发布时间: 2019-08-21 18:25:23
漏洞类型: 信任管理问题
状态: PUBLISHED
数据质量分数: 0.30
数据版本: v4
漏洞描述
中文描述:

Cisco Integrated Management Controller (IMC) Supervisor等都是美国思科(Cisco)公司的产品。Cisco Integrated Management Controller (IMC) Supervisor是一套机架式服务器集中管理系统。Cisco UCS Director是一套私有云基础架构即服务(IaaS)的异构平台。Cisco UCS Director Express for Big Data是一套针对大数据集群的基础架构统一管理平台。 Cisco Integrated Management Controller (IMC) Supervisor、Cisco UCS Director和Cisco UCS Director Express for Big Data中存在信任管理问题漏洞,该漏洞源于设备中所记录的默认账户使用了未记录的默认密码并且程序为该账户进行了不安全的权限设置。远程攻击者可借助该账户利用该漏洞登录到受影响系统的CLI中。以下产品及版本受到影响:Cisco IMC Supervisor 2.1版本,2.2.0.0版本至2.2.0.6版本;Cisco UCS Director 6.0版本,6.5版本,6.6.0.0版本,6.6.1.0版本,6.7.0.0版本,6.7.1.0版本;Cisco UCS Director Express for Big Data 3.0版本,3.5版本,3.6版本,3.7.0.0版本,3.7.1.0版本。

英文描述:

A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which has default user credentials. The vulnerability is due to the presence of a documented default account with an undocumented default password and incorrect permission settings for that account. Changing the default password for this account is not enforced during the installation of the product. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the scpuser account. This includes full read and write access to the system's database.

CWE类型:
CWE-798
标签:
remote unix Metasploit
受影响产品
厂商 产品 版本 版本范围 平台 CPE
Cisco Cisco Unified Computing System Director - < 6.7.3.0 - cpe:2.3:a:cisco:cisco_unified_computing_system_director:*:*:*:*:*:*:*:*
cisco integrated_management_controller_supervisor * - - cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*
cisco integrated_management_controller_supervisor 2.1.0.0 - - cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.1.0.0:*:*:*:*:*:*:*
cisco ucs_director 6.0.0.0 - - cpe:2.3:a:cisco:ucs_director:6.0.0.0:*:*:*:*:*:*:*
cisco ucs_director 6.5.0.0 - - cpe:2.3:a:cisco:ucs_director:6.5.0.0:*:*:*:*:*:*:*
cisco ucs_director 6.6.0.0 - - cpe:2.3:a:cisco:ucs_director:6.6.0.0:*:*:*:*:*:*:*
cisco ucs_director 6.6.1.0 - - cpe:2.3:a:cisco:ucs_director:6.6.1.0:*:*:*:*:*:*:*
cisco ucs_director 6.7\(0.0.67265\) - - cpe:2.3:a:cisco:ucs_director:6.7\(0.0.67265\):*:*:*:*:*:*:*
cisco ucs_director 6.7.0.0 - - cpe:2.3:a:cisco:ucs_director:6.7.0.0:*:*:*:*:*:*:*
cisco ucs_director 6.7.1.0 - - cpe:2.3:a:cisco:ucs_director:6.7.1.0:*:*:*:*:*:*:*
cisco ucs_director_express_for_big_data 3.0.0.0 - - cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.0.0.0:*:*:*:*:*:*:*
cisco ucs_director_express_for_big_data 3.5.0.0 - - cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.5.0.0:*:*:*:*:*:*:*
cisco ucs_director_express_for_big_data 3.6.0.0 - - cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.6.0.0:*:*:*:*:*:*:*
cisco ucs_director_express_for_big_data 3.7.0.0 - - cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.7.0.0:*:*:*:*:*:*:*
cisco ucs_director_express_for_big_data 3.7.1.0 - - cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.7.1.0:*:*:*:*:*:*:*
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
20190821 Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data SCP User Default Credentials Vulnerability vendor-advisory
cve.org
访问
20190828 Multiple vulns in Cisco UCS Director: from unauth remote access to code execution as root mailing-list
cve.org
访问
无标题 x_refsource_MISC
cve.org
访问
20190830 Multiple vulns in Cisco UCS Director: from unauth remote access to code execution as root mailing-list
cve.org
访问
无标题 x_refsource_MISC
cve.org
访问
ExploitDB EDB-47346 EXPLOIT
exploitdb
访问
Download Exploit EDB-47346 EXPLOIT
exploitdb
访问
CVE Reference: CVE-2019-1935 ADVISORY
cve.org
访问
CVSS评分详情
3.0 (cna)
CRITICAL
9.8
CVSS向量: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
机密性
HIGH
完整性
HIGH
可用性
HIGH
时间信息
发布时间:
2019-08-21 18:25:23
修改时间:
2024-11-19 19:00:31
创建时间:
2025-11-11 15:35:41
更新时间:
2025-11-11 16:52:06
利用信息
此漏洞有可利用代码!
利用代码数量: 1
利用来源:
未知
数据源详情
数据源 记录ID 版本 提取时间
CVE cve_CVE-2019-1935 2025-11-11 15:20:09 2025-11-11 07:35:41
NVD nvd_CVE-2019-1935 2025-11-11 14:56:25 2025-11-11 07:44:11
CNNVD cnnvd_CNNVD-201908-1721 2025-11-11 15:10:16 2025-11-11 07:54:45
EXPLOITDB exploitdb_EDB-47346 2025-11-11 15:05:48 2025-11-11 08:52:06
版本与语言
当前版本: v4
主要语言: EN
支持语言:
EN ZH
其他标识符:
:
:
安全公告
暂无安全公告信息
变更历史
v4 EXPLOITDB
2025-11-11 16:52:06
references_count: 5 → 8; tags_count: 0 → 3; data_sources: ['cnnvd', 'cve', 'nvd'] → ['cnnvd', 'cve', 'exploitdb', 'nvd']
查看详细变更
  • references_count: 5 -> 8
  • tags_count: 0 -> 3
  • data_sources: ['cnnvd', 'cve', 'nvd'] -> ['cnnvd', 'cve', 'exploitdb', 'nvd']
v3 CNNVD
2025-11-11 15:54:45
vulnerability_type: 未提取 → 信任管理问题; cnnvd_id: 未提取 → CNNVD-201908-1721; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
  • vulnerability_type: 未提取 -> 信任管理问题
  • cnnvd_id: 未提取 -> CNNVD-201908-1721
  • data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2 NVD
2025-11-11 15:44:11
affected_products_count: 1 → 15; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
  • affected_products_count: 1 -> 15
  • data_sources: ['cve'] -> ['cve', 'nvd']