A vulnerability in the Import Cisco IMC configuration utility of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and implement arbitrary commands with root privileges on an affected device. The vulnerability is due to improper bounds checking by the import-config process. An attacker could exploit this vulnerability by sending malicious packets to an affected device. When the packets are processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to implement arbitrary code on the affected device with elevated privileges.
Metrics
Affected Vendors & Products
References
History
Wed, 20 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2019-08-21T18:15:13.566393Z
Updated: 2024-11-20T17:12:13.465Z
Reserved: 2018-12-06T00:00:00
Link: CVE-2019-1871
Vulnrichment
Updated: 2024-08-04T18:28:42.971Z
NVD
Status : Modified
Published: 2019-08-21T19:15:14.480
Modified: 2024-11-21T04:37:34.953
Link: CVE-2019-1871
Redhat
No data.