CVE-2019-1936

🗓️ 21 Aug 2019 18:25:18Reported by ciscoType

cve🔗 web.nvd.nist.gov👁 158 Views🌐 WEB

A vulnerability in Cisco IMC and UCS Director allows remote command execution as root user

Reporter	Title	Published	Views	Family All 18
0day.today	Cisco UCS Director, Cisco Integrated Management Controller Supervisor - Multiple Vulnerabilities	29 Aug 201900:00	–	zdt
0day.today	Cisco UCS Director Unauthenticated Remote Code Execution Exploit	2 Sep 201900:00	–	zdt
BDU FSTEC	The vulnerability affects the Cisco Integrated Management Controller (IMC) Supervisor web interface, as well as tools for managing physical infrastructure and virtual environments from Cisco UCS Director and Cisco UCS Director Express for Big Data. This allows attackers to execute arbitrary commands.	19 Sep 201900:00	–	bdu_fstec
Circl	CVE-2019-1936	2 Sep 201915:56	–	circl
Cisco	Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Command Injection Vulnerability	21 Aug 201916:00	–	cisco
Tenable Nessus	Cisco UCS Director Authentication Bypass (cisco-sa-20190821-imcs-ucs-cmdinj)	24 Sep 201900:00	–	nessus
CNVD	Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Input Validation Error Vulnerability	26 Aug 201900:00	–	cnvd
Check Point Advisories	Cisco IMC Supervisor and Cisco UCS Director Command Injection (CVE-2019-1936)	18 Sep 201900:00	–	checkpoint_advisories
Cvelist	CVE-2019-1936 Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Command Injection Vulnerability	21 Aug 201918:25	–	cvelist
exploitpack	Cisco UCS Director_ Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple Vulnerabilities	21 Aug 201900:00	–	exploitpack

NVD

Vulners

Node

cisco integrated_management_controller_supervisorRange2.2.0.0–2.2.0.6

cisco integrated_management_controller_supervisorMatch2.1.0.0

Node

cisco ucs_directorMatch6.0.0.0

cisco ucs_directorMatch6.5.0.0

cisco ucs_directorMatch6.6.0.0

cisco ucs_directorMatch6.6.1.0

cisco ucs_directorMatch6.7(0.0.67265)

cisco ucs_directorMatch6.7.0.0

cisco ucs_directorMatch6.7.1.0

Node

cisco ucs_director_express_for_big_dataMatch3.0.0.0

cisco ucs_director_express_for_big_dataMatch3.5.0.0

cisco ucs_director_express_for_big_dataMatch3.6.0.0

cisco ucs_director_express_for_big_dataMatch3.7.0.0

cisco ucs_director_express_for_big_dataMatch3.7.1.0

[
  {
    "product": "Cisco Unified Computing System Director",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "6.7.3.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
seclists	www.seclists.org/fulldisclosure/2019/Aug/36
seclists	www.seclists.org/bugtraq/2019/Aug/49
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imcs-ucs-cmdinj
packetstormsecurity	www.packetstormsecurity.com/files/154308/Cisco-UCS-Director-Unauthenticated-Remote-Code-Execution.html
packetstormsecurity	www.packetstormsecurity.com/files/154239/Cisco-UCS-IMC-Supervisor-Authentication-Bypass-Command-Injection.html

Parameter	Position	Path	Description	CWE
apiName	path	app/ui/ClientServlet	Endpoint used to submit admin operations, including a payload leading to command execution as root (post-auth bypass enabled flow).	CWE-20
serviceName	path	app/ui/ClientServlet	Endpoint used to submit admin operations, including a payload leading to command execution as root (post-auth bypass enabled flow).	CWE-20
opName	path	app/ui/ClientServlet	Endpoint used to submit admin operations, including a payload leading to command execution as root (post-auth bypass enabled flow).	CWE-20
opData	path	app/ui/ClientServlet	Endpoint used to submit admin operations, including a payload leading to command execution as root (post-auth bypass enabled flow).	CWE-20

17 Jun 2026 02:29Current

7.3High risk

Vulners AI Score7.3

CVSS 3.17.2

CVSS 29

CVSS 37.2

EPSS0.39475

SSVC

CWE-20