CVE-2019-12651
Summary
| CVE | CVE-2019-12651 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-09-25 20:15:00 UTC |
| Updated | 2019-10-09 23:45:00 UTC |
| Description | Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory. |
Risk And Classification
Problem Types: CWE-78
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Cisco | Cloud Services Router 1000v | - | All | All | All |
| Hardware | Cisco | Cloud Services Router 1000v | - | All | All | All |
| Operating System | Cisco | Cloud Services Router 1000v Firmware | 17.1.1 | All | All | All |
| Operating System | Cisco | Cloud Services Router 1000v Firmware | 17.1.1 | All | All | All |
| Hardware | Cisco | Integrated Services Virtual Router | - | All | All | All |
| Hardware | Cisco | Integrated Services Virtual Router | - | All | All | All |
| Operating System | Cisco | Integrated Services Virtual Router Firmware | 16.6.5 | All | All | All |
| Operating System | Cisco | Integrated Services Virtual Router Firmware | 16.6.5 | All | All | All |
| Operating System | Cisco | Ios | 16.11.1 | All | All | All |
| Operating System | Cisco | Ios | 16.11.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco IOS XE Software Web UI Command Injection Vulnerabilities | CISCO | tools.cisco.com | Mitigation, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.