Cisco Unified Computing System Smart Call Home Input Validation Vulnerability (CSCtl00186)
2014-02-18T00:00:00
ID CISCO-SN-CSCTL00186-UCS.NASL Type nessus Reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. Modified 2021-02-02T00:00:00
Description
A vulnerability in Cisco Unified Computing System (UCS) Manager could
allow an authenticated, local attacker to trigger a denial of service
(DoS) condition.
The vulnerability is due to improper input validation. An attacker
could exploit this vulnerability by configuring an invalid contact
address for the Smart Call Home functionality. Successful exploitation
could allow the attacker to trigger a DoS condition.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was extracted from Cisco
# Security Notice CVE-2012-4093. The text itself is
# copyright (C) Cisco.
#
include("compat.inc");
# Registration branch: when `description` is set, the script only declares
# its metadata and leaves through the exit(0) that closes this block.
if (description)
{
script_id(72559);
script_version("1.3");
script_cvs_date("Date: 2018/11/15 20:50:20");
# Cross-references: CVE, Bugtraq ID and the Cisco bug ID for the same issue.
script_cve_id("CVE-2012-4093");
script_bugtraq_id(62456);
script_xref(name:"CISCO-BUG-ID", value:"CSCtl00186");
script_name(english:"Cisco Unified Computing System Smart Call Home Input Validation Vulnerability (CSCtl00186)");
# The summary states the detection method: a version comparison, not a
# functional test of Smart Call Home.
script_summary(english:"Checks the UCS version");
script_set_attribute(attribute:"synopsis", value:"The remote device is missing a vendor-supplied security patch.");
script_set_attribute(
attribute:"description",
value:
"A vulnerability in Cisco Unified Computing System (UCS) Manager could
allow an authenticated, local attacker to trigger a denial of service
(DoS) condition.
The vulnerability is due to improper input validation. An attacker
could exploit this vulnerability by configuring an invalid contact
address for the Smart Call Home functionality. Successful exploitation
could allow the attacker to trigger a DoS condition."
);
# The see_also value is a shortened link; the comment below records the
# vendor alert URL it stands for.
# https://tools.cisco.com/security/center/viewAlert.x?alertId=30859
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4a1adaec");
script_set_attribute(attribute:"solution", value:"Apply the relevant patch referenced in Cisco Bug Id CSCtl00186.");
# CVSS v2 base vector: local access (AV:L), low complexity (AC:L), single
# authentication (Au:S), no confidentiality or integrity impact, complete
# availability impact (A:C).
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C");
# Temporal vector: exploitability unproven (E:U), official fix (RL:OF),
# confirmed report (RC:C).
# NOTE(review): E:U agrees with exploit_available=false below, but the Cisco
# advisory text for this CVE reads as if functional exploit code exists that
# is not public; confirm which rating is intended.
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
# plugin_type describes how the plugin gathers its data, not the attack
# vector; the base vector above is AV:L.
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/h:cisco:unified_computing_system");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/09/17");
script_set_attribute(attribute:"patch_publication_date", value:"2013/09/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/02/18");
script_end_attributes();
# ACT_GATHER_INFO: the plugin is registered as an information-gathering check.
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");
script_family(english:"CISCO");
# Declares the detection plugin as a dependency and requires its KB key and
# a web port. Presumably that dependency records the version string read
# later in this script; confirm against cisco_ucs_manager_version.nasl.
script_dependencies("cisco_ucs_manager_version.nasl");
script_require_keys("www/cisco_ucs_manager");
script_require_ports("Services/www", 80);
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
include("webapp_func.inc");
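# Version-based check for CSCtl00186 (CVE-2012-4093).
#
# The verdict rests only on the version string stored for the
# 'cisco_ucs_manager' install; nothing here exercises Smart Call Home.
# A device is therefore reported from its advertised release and build alone.
# NOTE(review): a build missing from the lists below is reported as not
# affected; confirm the lists against Cisco bug CSCtl00186 before relying on
# a negative result.
port = get_http_port(default:80);
install = get_install_from_kb(appname:'cisco_ucs_manager', port:port, exit_on_fail:TRUE);

url = build_url(qs:install['dir'] + '/', port:port);
version = install['ver'];

# Without a version there is nothing to compare, so audit out instead of guessing.
if (version == UNKNOWN_VER) audit(AUDIT_UNKNOWN_WEB_SERVER_VER, 'Cisco UCS Manager', port);

# Expected shape is "<release>(<build>)", e.g. a release of digits and dots
# followed by a parenthesised build tag. The build group needs at least one
# character, so `build` is never empty after a successful match.
match = eregmatch(pattern:"^([0-9.]+)\(([^)]+)\)", string:version);
if (isnull(match)) exit(1, "Failed to parse the version of Cisco UCS Manager installed at <"+url+">.");

major = match[1];
build = match[2];

# Fixed release shown in the report. Previously `fix` was set to "" and never
# read, while the report hard-coded the same value.
fix = "2.0(1m)";

# Each branch lists the builds of one release that are treated as affected.
# The dots in the "0.100" and "0.1" build tags are written as [.] so that
# they match a literal dot only; a bare "." would accept any character there.
# The empty alternative at the start of each group is kept from the original
# and cannot match, since `build` always has at least one character.
if (
  (major == '1.0' && build =~ '^(|Base|2k)$') ||
  (major == '1.1' && build =~ '^(|Base|1m)$') ||
  (major == '1.2' && build =~ '^(|Base|1d)$') ||
  (major == '1.3' && build =~ '^(|Base|1c|1m|1n|1o|1p|1q|1t|1w|1y|0[.]100)$') ||
  (major == '1.4' && build =~ '^(|Base|1i|1j|1m|3i|3l|3m|3q|3s|3u|3y|4f|4g|4i|4j|4k|0[.]1)$') ||
  (major == '2.0' && build =~ '^(|Base)$')
)
{
  if (report_verbosity > 0)
  {
    # Report text is unchanged; only the fixed version now comes from `fix`.
    report =
      '\n URL : ' + url +
      '\n Installed version : ' + version +
      '\n Fixed version : ' + fix +
      '\n';
    security_warning(port:port, extra:report);
  }
  else security_warning(port);
}
else audit(AUDIT_WEB_APP_NOT_AFFECTED, 'Cisco UCS Manager', url, version);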
{"id": "CISCO-SN-CSCTL00186-UCS.NASL", "bulletinFamily": "scanner", "title": "Cisco Unified Computing System Smart Call Home Input Validation Vulnerability (CSCtl00186)", "description": "A vulnerability in Cisco Unified Computing System (UCS) Manager could\nallow an authenticated, local attacker to trigger a denial of service\n(DoS) condition. \n\nThe vulnerability is due to improper input validation. An attacker\ncould exploit this vulnerability by configuring an invalid contact\naddress for the Smart Call Home functionality. Successful exploitation\ncould allow the attacker to trigger a DoS condition.", "published": "2014-02-18T00:00:00", "modified": "2021-02-02T00:00:00", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:S/C:N/I:N/A:C"}, "href": "https://www.tenable.com/plugins/nessus/72559", "reporter": "This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.", "references": ["http://www.nessus.org/u?4a1adaec"], "cvelist": ["CVE-2012-4093"], "type": "nessus", "lastseen": "2021-02-01T01:38:02", "edition": 25, "viewCount": 8, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-4093"]}, {"type": "cisco", "idList": ["CISCO-SA-20130918-CVE-2012-4093"]}], "modified": "2021-02-01T01:38:02", "rev": 2}, "score": {"value": 6.3, "vector": "NONE", "modified": "2021-02-01T01:38:02", "rev": 2}, "vulnersScore": 6.3}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was extracted from Cisco\n# Security Notice CVE-2012-4093. 
The text itself is\n# copyright (C) Cisco.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72559);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/15 20:50:20\");\n\n script_cve_id(\"CVE-2012-4093\");\n script_bugtraq_id(62456);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCtl00186\");\n\n script_name(english:\"Cisco Unified Computing System Smart Call Home Input Validation Vulnerability (CSCtl00186)\");\n script_summary(english:\"Checks the UCS version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A vulnerability in Cisco Unified Computing System (UCS) Manager could\nallow an authenticated, local attacker to trigger a denial of service\n(DoS) condition. \n\nThe vulnerability is due to improper input validation. An attacker\ncould exploit this vulnerability by configuring an invalid contact\naddress for the Smart Call Home functionality. 
Successful exploitation\ncould allow the attacker to trigger a DoS condition.\"\n );\n # https://tools.cisco.com/security/center/viewAlert.x?alertId=30859\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4a1adaec\");\n script_set_attribute(attribute:\"solution\", value:\"Apply the relevant patch referenced in Cisco Bug Id CSCtl00186.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:cisco:unified_computing_system\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/09/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/18\");\n\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"CISCO\");\n\n script_dependencies(\"cisco_ucs_manager_version.nasl\");\n script_require_keys(\"www/cisco_ucs_manager\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80);\ninstall = get_install_from_kb(appname:'cisco_ucs_manager', port:port, exit_on_fail:TRUE);\n\nurl = build_url(qs:install['dir'] + '/', port:port);\nversion = install['ver'];\n\nif (version == UNKNOWN_VER) audit(AUDIT_UNKNOWN_WEB_SERVER_VER, 'Cisco UCS Manager', port);\n\nmatch = eregmatch(pattern:\"^([0-9.]+)\\(([^)]+)\\)\", 
string:version);\nif (isnull(match)) exit(1, \"Failed to parse the version of Cisco UCS Manager installed at <\"+url+\">.\");\n\nmajor = match[1];\nbuild = match[2];\nfix = \"\";\n\nif (\n (major == '1.0' && build =~ '^(|Base|2k)$') ||\n (major == '1.1' && build =~ '^(|Base|1m)$') ||\n (major == '1.2' && build =~ '^(|Base|1d)$') ||\n (major == '1.3' && build =~ '^(|Base|1c|1m|1n|1o|1p|1q|1t|1w|1y|0.100)$') ||\n (major == '1.4' && build =~ '^(|Base|1i|1j|1m|3i|3l|3m|3q|3s|3u|3y|4f|4g|4i|4j|4k|0.1)$') ||\n (major == '2.0' && build =~ '^(|Base)$')\n)\n{ \n if (report_verbosity > 0)\n {\n report =\n '\\n URL : ' + url +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 2.0(1m)' + \n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, 'Cisco UCS Manager', url, version);\n", "naslFamily": "CISCO", "pluginID": "72559", "cpe": ["cpe:/h:cisco:unified_computing_system"], "scheme": null}
{"cve": [{"lastseen": "2021-02-02T05:59:53", "description": "The Manager component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service via an invalid Smart Call Home contact address, aka Bug ID CSCtl00186.", "edition": 4, "cvss3": {}, "published": "2013-09-20T16:55:00", "title": "CVE-2012-4093", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4093"], "modified": "2016-09-22T14:27:00", "cpe": ["cpe:/h:cisco:unified_computing_system:-"], "id": "CVE-2012-4093", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4093", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:S/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:h:cisco:unified_computing_system:-:*:*:*:*:*:*:*"]}], "cisco": [{"lastseen": "2020-12-24T11:41:51", "bulletinFamily": "software", "cvelist": ["CVE-2012-4093"], "description": "A vulnerability in Cisco Unified Computing System (UCS) Manager could\nallow an authenticated, local attacker to trigger a denial of service (DoS) condition.\n\nThe\nvulnerability is due to improper input validation. An attacker could\nexploit this vulnerability by configuring an invalid contact address for\nthe Smart Call Home functionality. A successful exploit could allow the\nattacker to trigger a DoS condition.\n\nCisco has confirmed the vulnerability in a security notice and released software updates.\n\nTo exploit this vulnerability, an attacker would need to authenticate and have local access to the targeted device. 
These access requirements may limit the likelihood of a successful exploit.\n\nCisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.", "modified": "2013-09-18T13:57:56", "published": "2013-09-18T13:58:05", "id": "CISCO-SA-20130918-CVE-2012-4093", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20130918-CVE-2012-4093", "type": "cisco", "title": "Cisco Unified Computing System Smart Call Home Input Validation Vulnerability ", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:S/C:N/I:N/A:C"}}]}