CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-1861

A vulnerability in the software update feature of Cisco Industrial Network Director could allow an authenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper validation of files uploaded to the affected application. An attacker could exploit this vulnerability by authenticating to the affected system using administrator privileges and uploading an arbitrary file. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.024

EPSS Ranking 84.5%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 9.0

References

Products affected by CVE-2019-1861

Cisco » Industrial Network Director » Version: 1.0.0

cpe:2.3:a:cisco:industrial_network_director:1.0.0
Cisco » Industrial Network Director » Version: 1.1(0.176)

cpe:2.3:a:cisco:industrial_network_director:1.1(0.176)
Cisco » Industrial Network Director » Version: 1.1.0

cpe:2.3:a:cisco:industrial_network_director:1.1.0
Cisco » Industrial Network Director » Version: 1.2.0

cpe:2.3:a:cisco:industrial_network_director:1.2.0
Cisco » Industrial Network Director » Version: 1.3.0

cpe:2.3:a:cisco:industrial_network_director:1.3.0
Cisco » Industrial Network Director » Version: 1.4.0

cpe:2.3:a:cisco:industrial_network_director:1.4.0
Cisco » Industrial Network Director » Version: 1.5(0.250)

cpe:2.3:a:cisco:industrial_network_director:1.5(0.250)
Cisco » Industrial Network Director » Version: 1.5.0

cpe:2.3:a:cisco:industrial_network_director:1.5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-1861

Products

Pricing

Contact Us