CVE-2019-1911 — Vulnetix

CVE-2019-1911 PUBLISHED CVSS 5.300000190734863 MEDIUM

A vulnerability in the CLI of Cisco Unified Communications Domain Manager (Cisco Unified CDM) Software could allow an authenticated, local attacker to escape the restricted shell. The vulnerability is due to insufficient input validation of shell commands. An attacker could exploit this vulnerability by executing crafted commands in the shell. A successful exploit could allow the attacker to escape the restricted shell and access commands in the context of the restricted shell user, which does not have root privileges.

EPSS 0.05% · 17.5th percentile

Risk Scores

CVSS 3.0

5.300000190734863

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

EPSS Score

0.05%

17.5th percentile

Affected Products

Vendor	Product	Versions
Cisco	Cisco Unified Communications Domain Manager	unspecified
cisco	hosted_collaboration_solution	0

Exploit Intelligence

20190703 Cisco Unified Communications Domain Manager Restricted Shell Escape Vulnerability (circl)

Timeline

Jul 3, 2019 CVE Published
Apr 14, 2021 EPSS Score
Jun 23, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Oct 26, 2021 EPSS Score
Dec 27, 2021 EPSS Score
Feb 28, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 1, 2022 EPSS Score
Jul 3, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Nov 6, 2022 EPSS Score

References

20190703 Cisco Unified Communications Domain Manager Restricted Shell Escape Vulnerability vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2019-1911 advisory

Open in Interactive Console →