Vulnerabilites related to Cisco - Cisco Directory Connector
CVE-2019-1794 (GCVE-0-2019-1794)
Vulnerability from cvelistv5
Published
2019-04-18 00:35
Modified
2024-11-21 19:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. The vulnerability is due to uncontrolled search path elements. An attacker could exploit this vulnerability by placing a binary of their choosing earlier in the search path utilized by Cisco Directory Connector to locate and load required resources.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Directory Connector |
Version: 2.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190417 Cisco Directory Connector Search Order Hijacking Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-cdc-hijack"
},
{
"name": "108032",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108032"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1794",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:59:25.912131Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:38:39.439Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Directory Connector",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.2"
}
]
}
],
"datePublic": "2019-04-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. The vulnerability is due to uncontrolled search path elements. An attacker could exploit this vulnerability by placing a binary of their choosing earlier in the search path utilized by Cisco Directory Connector to locate and load required resources."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-23T09:06:05",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190417 Cisco Directory Connector Search Order Hijacking Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-cdc-hijack"
},
{
"name": "108032",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108032"
}
],
"source": {
"advisory": "cisco-sa-20190417-cdc-hijack",
"defect": [
[
"CSCvk22605"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Directory Connector Search Order Hijacking Vulnerability",
"workarounds": [
{
"lang": "en",
"value": "To ensure that supporting dynamic link libraries (DLLs) are loaded from system locations prior to the user\u0027s current working directory, an administrator can verify SafeDLLSearchMode is enabled in the Windows Registry. This process is outlined in Deployment Guide for Cisco Directory Connector. Warning: Incorrectly modifying the system registry of a Microsoft Windows-based device may cause serious problems. Neither Cisco nor Microsoft can guarantee that problems that may result from improper registry modification, either from applying registry changes via a .reg file or by using the Registry Editor, can be resolved. Modify the registry of a system at the user\u0027s own risk."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-04-17T16:00:00-0700",
"ID": "CVE-2019-1794",
"STATE": "PUBLIC",
"TITLE": "Cisco Directory Connector Search Order Hijacking Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Directory Connector",
"version": {
"version_data": [
{
"version_value": "2.2"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. The vulnerability is due to uncontrolled search path elements. An attacker could exploit this vulnerability by placing a binary of their choosing earlier in the search path utilized by Cisco Directory Connector to locate and load required resources."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.1",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190417 Cisco Directory Connector Search Order Hijacking Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-cdc-hijack"
},
{
"name": "108032",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108032"
}
]
},
"source": {
"advisory": "cisco-sa-20190417-cdc-hijack",
"defect": [
[
"CSCvk22605"
]
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "To ensure that supporting dynamic link libraries (DLLs) are loaded from system locations prior to the user\u0027s current working directory, an administrator can verify SafeDLLSearchMode is enabled in the Windows Registry. This process is outlined in Deployment Guide for Cisco Directory Connector. Warning: Incorrectly modifying the system registry of a Microsoft Windows-based device may cause serious problems. Neither Cisco nor Microsoft can guarantee that problems that may result from improper registry modification, either from applying registry changes via a .reg file or by using the Registry Editor, can be resolved. Modify the registry of a system at the user\u0027s own risk."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1794",
"datePublished": "2019-04-18T00:35:18.813610Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:38:39.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}