CVE-2019-15958: Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability
First published: Tue Nov 26 2019(Updated: )
A vulnerability in the REST API of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated remote attacker to execute arbitrary code with root privileges on the underlying operating system. The vulnerability is due to insufficient input validation during the initial High Availability (HA) configuration and registration process of an affected device. An attacker could exploit this vulnerability by uploading a malicious file during the HA registration period. A successful exploit could allow the attacker to execute arbitrary code with root-level privileges on the underlying operating system. Note: This vulnerability can only be exploited during the HA registration period. See the Details section for more information.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Prime Infrastructure | <3.4.2 | |
| Cisco Prime Infrastructure | >=3.5<3.5.1 | |
| Cisco Prime Infrastructure | =3.6 | |
| Cisco Evolved Programmable Network Manager | <3.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-15958?
CVE-2019-15958 is a vulnerability in the REST API of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) that could allow an unauthenticated remote attacker to execute arbitrary code with root privileges on the underlying operating system.
How severe is CVE-2019-15958?
CVE-2019-15958 has a severity rating of 9.8, which is classified as critical.
Which software products are affected by CVE-2019-15958?
Cisco Prime Infrastructure (PI) versions 3.4.2, 3.5.0, and 3.5.1, as well as Cisco Evolved Programmable Network Manager (EPNM) version 3.0.2 are affected by CVE-2019-15958.
How can an attacker exploit CVE-2019-15958?
An unauthenticated remote attacker can exploit CVE-2019-15958 by sending a specially crafted request to the vulnerable REST API, allowing them to execute arbitrary code with root privileges.
Is there a fix available for CVE-2019-15958?
Yes, Cisco has released a security advisory with fixes and mitigations for CVE-2019-15958. Please refer to the official Cisco Security Advisory for specific details.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/title
- agent/last-modified-date
- agent/author
- agent/references
- agent/first-publish-date
- agent/tags
- agent/event
- agent/description
- vendor/cisco
- canonical/cisco prime infrastructure
- version/cisco prime infrastructure/3.5
- version/cisco prime infrastructure/3.6
- canonical/cisco evolved programmable network manager