VDB
CVE-2019-1861
CVE-2019-1861
PUBLISHED
CVSS 7.199999809265137 HIGH
A vulnerability in the software update feature of Cisco Industrial Network Director could allow an authenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper validation of files uploaded to the affected application. An attacker could exploit this vulnerability by authenticating to the affected system using administrator privileges and uploading an arbitrary file. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges.
EPSS 1.26% · 79.8th percentile
Risk Scores
CVSS 3.0
7.199999809265137
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
1.26%
79.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | TelePresence VCS | |
| Cisco | Unified Communications Manager | |
| Cisco | Cisco Industrial Network Director | unspecified |
| Cisco | N/A | |
| cisco | industrial_network_director | 0 |
Exploit Intelligence
Timeline
- Jun 5, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score