CVE-2019-1851

Current Description

A vulnerability in the External RESTful Services (ERS) API of the Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to generate arbitrary certificates signed by the Internal Certificate Authority (CA) Services on ISE. This vulnerability is due to an incorrect implementation of role-based access control (RBAC). An attacker could exploit this vulnerability by crafting a specific HTTP request with administrative credentials. A successful exploit could allow the attacker to generate a certificate that is signed and trusted by the ISE CA with arbitrary attributes. The attacker could use this certificate to access other networks or assets that are protected by certificate authentication.

Basic Data

PublishedMay 16, 2019
Last ModifiedOctober 09, 2019
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-285
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:S/C:N/I:P/A:N
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationSINGLE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactNONE
CVSS 2 - Base Score4.0
SeverityMEDIUM
Exploitability Score8.0
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

CVSS 3 - Version3.0
CVSS 3 - Vector StringCVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
CVSS 3 - Attack VectorNETWORK
CVSS 3 - Attack ComplexityLOW
CVSS 3 - Privileges RequiredHIGH
CVSS 3 - User InteractionNONE
CVSS 3 - ScopeUNCHANGED
CVSS 3 - Confidentiality ImpactNONE
CVSS 3 - Integrity ImpactHIGH
CVSS 3 - Availability ImpactNONE
CVSS 3 - Base Score4.9
CVSS 3 - Base SeverityMEDIUM
Exploitability Score1.2
Base SeverityMEDIUM

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationCiscoIdentity Services Engine2.2(0.470)*******
    2.3ApplicationCiscoIdentity Services Engine2.3(0.298)*******
    2.3ApplicationCiscoIdentity Services Engine2.4(0.357)*******

Vulnerable Software List

VendorProductVersions
Cisco Identity Services Engine 2.2(0.470), 2.3(0.298), 2.4(0.357)

References

NameSourceURLTags
108356http://www.securityfocus.com/bid/108356BIDThird Party Advisory VDB Entry
20190515 Cisco Identity Services Engine Arbitrary Client Certificate Creation Vulnerabilityhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-ise-certcreaCISCOVendor Advisory