CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-1907

A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to set sensitive configuration values and gain elevated privileges. The vulnerability is due to improper handling of substring comparison operations that are performed by the affected software. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow the attacker with read-only privileges to gain administrator privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.6%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

Products affected by CVE-2019-1907

Cisco » Integrated Management Controller Supervisor » Version: 1.0.0.0

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.0.0.0
Cisco » Integrated Management Controller Supervisor » Version: 1.0.0.1

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.0.0.1
Cisco » Integrated Management Controller Supervisor » Version: 1.1.0.0

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.1.0.0
Cisco » Integrated Management Controller Supervisor » Version: 1.5(1b)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(1b)
Cisco » Integrated Management Controller Supervisor » Version: 1.5(1f)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(1f)
Cisco » Integrated Management Controller Supervisor » Version: 1.5(1j)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(1j)
Cisco » Integrated Management Controller Supervisor » Version: 1.5(1k)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(1k)
Cisco » Integrated Management Controller Supervisor » Version: 1.5(1l)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(1l)
Cisco » Integrated Management Controller Supervisor » Version: 1.5(2)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(2)
Cisco » Integrated Management Controller Supervisor » Version: 1.5(2)3

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(2)3
Cisco » Integrated Management Controller Supervisor » Version: 1.5(3d)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(3d)
Cisco » Integrated Management Controller Supervisor » Version: 1.5(3g)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(3g)
Cisco » Integrated Management Controller Supervisor » Version: 1.5(3h)1

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(3h)1
Cisco » Integrated Management Controller Supervisor » Version: 1.5(4)3

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(4)3
Cisco » Integrated Management Controller Supervisor » Version: 1.5(4g)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(4g)
Cisco » Integrated Management Controller Supervisor » Version: 1.5(5)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(5)
Cisco » Integrated Management Controller Supervisor » Version: 1.5(7a)2

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(7a)2
Cisco » Integrated Management Controller Supervisor » Version: 1.5(7c)2

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(7c)2
Cisco » Integrated Management Controller Supervisor » Version: 1.5(7e)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(7e)
Cisco » Integrated Management Controller Supervisor » Version: 1.5(7f)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(7f)
Cisco » Integrated Management Controller Supervisor » Version: 1.5(9g)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5(9g)
Cisco » Integrated Management Controller Supervisor » Version: 1.5.0.0

cpe:2.3:a:cisco:integrated_management_controller_supervisor:1.5.0.0
Cisco » Integrated Management Controller Supervisor » Version: 2.0(13o)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.0(13o)
Cisco » Integrated Management Controller Supervisor » Version: 2.0.0.0

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.0.0.0
Cisco » Integrated Management Controller Supervisor » Version: 2.1(0.0)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.1(0.0)
Cisco » Integrated Management Controller Supervisor » Version: 2.1(0.2)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.1(0.2)
Cisco » Integrated Management Controller Supervisor » Version: 2.1.0.0

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.1.0.0
Cisco » Integrated Management Controller Supervisor » Version: 2.1.0.1

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.1.0.1
Cisco » Integrated Management Controller Supervisor » Version: 2.1.0.2

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.1.0.2
Cisco » Integrated Management Controller Supervisor » Version: 2.2(0.2)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.2(0.2)
Cisco » Integrated Management Controller Supervisor » Version: 2.2.0.0

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.2.0.0
Cisco » Integrated Management Controller Supervisor » Version: 2.2.0.1

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.2.0.1
Cisco » Integrated Management Controller Supervisor » Version: 2.2.0.2

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.2.0.2
Cisco » Integrated Management Controller Supervisor » Version: 2.2.0.3

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.2.0.3
Cisco » Integrated Management Controller Supervisor » Version: 2.2.0.4

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.2.0.4
Cisco » Integrated Management Controller Supervisor » Version: 2.2.0.5

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.2.0.5
Cisco » Integrated Management Controller Supervisor » Version: 2.2.0.6

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.2.0.6
Cisco » Integrated Management Controller Supervisor » Version: 2.2.1.0

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.2.1.0
Cisco » Integrated Management Controller Supervisor » Version: 2.2.1.3

cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.2.1.3
Cisco » Integrated Management Controller Supervisor » Version: 3.0(1c)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:3.0(1c)
Cisco » Integrated Management Controller Supervisor » Version: 3.0(4k)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:3.0(4k)
Cisco » Integrated Management Controller Supervisor » Version: 3.0.0.0

cpe:2.3:a:cisco:integrated_management_controller_supervisor:3.0.0.0
Cisco » Integrated Management Controller Supervisor » Version: 4.0(1a)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:4.0(1a)
Cisco » Integrated Management Controller Supervisor » Version: 4.0(1b)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:4.0(1b)
Cisco » Integrated Management Controller Supervisor » Version: 4.0(1c)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:4.0(1c)
Cisco » Integrated Management Controller Supervisor » Version: 4.0(1d)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:4.0(1d)
Cisco » Integrated Management Controller Supervisor » Version: 4.0(2c)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:4.0(2c)
Cisco » Integrated Management Controller Supervisor » Version: 4.0(2f)

cpe:2.3:a:cisco:integrated_management_controller_supervisor:4.0(2f)
Cisco » Unified Computing System » Version: 4.0(1c)hs3

cpe:2.3:a:cisco:unified_computing_system:4.0(1c)hs3
Cisco » Ucs C125 M5 » Version: N/A

cpe:2.3:h:cisco:ucs_c125_m5:-
Cisco » Ucs C4200 » Version: N/A

cpe:2.3:h:cisco:ucs_c4200:-
Cisco » Ucs S3260 » Version: N/A

cpe:2.3:h:cisco:ucs_s3260:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-1907

Products

Pricing

Contact Us