CVE-2019-1917
Published 2019-07-17. CVE-2019-1917: A vulnerability in the REST API interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected system.
Priority P2 · 69 · critical · 9.8 (CVSS 3.0)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS 5.34% (91.6th percentile)
A vulnerability in the REST API interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary actions through the REST API with administrative privileges on the affected system. The REST API is enabled by default and cannot be disabled.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_vision_dynamic_signage_director | >= unspecified < 6.1sp3 | 6.1sp3 |
| cisco | vision_dynamic_signage_director | <= 5.0 | — |
| cisco | vision_dynamic_signage_director | — | — |
| cisco | vision_dynamic_signage_director | — | — |
| cisco | vision_dynamic_signage_director | 6.0 – 6.1 | — |
| cisco | vision_dynamic_signage_director_rest | — | — |
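The table above gives the fixed release as 6.1 SP3 and lists no fixed build for the 5.x line. The following is an added triage helper, not code from the original page or from Cisco: it orders Dynamic Signage Director version strings so that service packs sort within their release (so "6.1" is below "6.1 SP3") and reports which inventory hosts still run an affected build. The version grammar it accepts ("6.1", "6.1sp3", "6.1 SP3", "5.0") and the inventory are constructed assumptions for this example; anything it cannot parse is reported for manual verification rather than guessed at.

```python
"""Check whether a Cisco Vision Dynamic Signage Director version string falls in the
CVE-2019-1917 affected range (anything that sorts below the fixed release 6.1 SP3).

Added example, not from the original page or from Cisco. The accepted version grammar
is an assumption drawn from the strings in the Affected table.
"""
import re

# Assumed grammar: "<major>.<minor>[.<patch>][ SP<n>]" (case-insensitive, optional space).
VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?\s*(?:sp\s*(\d+))?$", re.IGNORECASE)

# Fixed release from the Affected table: 6.1 SP3 -> (major, minor, patch, service pack).
FIXED = (6, 1, 0, 3)


def parse_version(s: str) -> tuple:
    """'6.1sp3' -> (6, 1, 0, 3); '6.1' -> (6, 1, 0, 0). Service packs sort within a release."""
    m = VERSION_RE.match(s.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {s!r}")
    major, minor, patch, sp = m.groups()
    return (int(major), int(minor), int(patch or 0), int(sp or 0))


def is_affected(s: str) -> bool:
    """True when the version sorts below the fixed release 6.1 SP3."""
    return parse_version(s) < FIXED


def triage(inventory: dict) -> list:
    """Given {hostname: version}, return (host, version) pairs still on an affected build.
    Unparseable strings are returned too, marked for manual verification."""
    out = []
    for host, ver in inventory.items():
        try:
            if is_affected(ver):
                out.append((host, ver))
        except ValueError:
            out.append((host, f"{ver} (unparsed, verify manually)"))
    return out


# Constructed inventory for illustration; hostnames and versions are made up.
INVENTORY = {
    "dsd-hq": "6.1 SP3",     # fixed release
    "dsd-arena": "6.1sp2",   # affected
    "dsd-lab": "5.0",        # affected, and the table lists no fixed 5.x build
    "dsd-test": "6.1",       # affected (no service pack)
    "dsd-new": "6.2",        # above the fixed release
    "dsd-odd": "six",        # unparseable
}

if __name__ == "__main__":
    for host, ver in triage(INVENTORY):
        print(f"{host}: {ver}")
```

The one ordering assumption worth stating is that a three-part version such as "6.1.1" is treated as a patch level below any service pack of 6.1; if the vendor's own numbering differs for a build you encounter, compare it against the advisory by hand rather than trusting the tuple order.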
Detection & IOCs (extracted from sources)
- Exploit vector is a crafted HTTP request to the REST API interface of Cisco Vision Dynamic Signage Director that bypasses authentication. Monitor for unauthenticated REST API calls that successfully perform administrative actions.
- The REST API is always exposed (enabled by default and cannot be disabled); any unauthenticated REST API administrative activity on Cisco Vision Dynamic Signage Director should be treated as suspicious.
- There are no workarounds available for this vulnerability; the only remediation is applying Cisco's software update.
- The vulnerability is rooted in insufficient HTTP request validation (CWE-287, improper authentication), meaning authentication checks on the REST API can be bypassed without valid credentials.
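The two monitoring bullets above reduce to one hunt: REST API requests that carried no credentials yet received a success response for an administrative action. The following is an added example of that logic run over constructed log lines; it is not code from the original page or from Cisco. The log line shape, the "/api/" prefix and the ADMIN_PATH_HINTS are assumptions for illustration (the page does not document the product's REST paths), so adapt the regex and the hints to the reverse proxy or web server log that actually fronts the Dynamic Signage Director.

```python
"""Hunt for CVE-2019-1917-style activity: REST API requests with no Authorization header
and no session cookie that nevertheless got a 2xx from an admin-looking endpoint.

Added example, not from the original page or from Cisco. Log format, endpoint paths and
sample lines are constructed assumptions.
"""
import re
from collections import Counter
from dataclasses import dataclass

# Assumed log shape (constructed for this example):
#   <client_ip> <METHOD> <path> <status> auth="<Authorization header or ->" cookie="<cookie or ->"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) (?P<method>[A-Z]+) (?P<path>\S+) (?P<status>\d{3}) '
    r'auth="(?P<auth>[^"]*)" cookie="(?P<cookie>[^"]*)"$'
)

# Hypothetical path fragments that would indicate administrative REST resources.
ADMIN_PATH_HINTS = ("/users", "/admin", "/config", "/scripts", "/devices")


@dataclass(frozen=True)
class Finding:
    ip: str
    method: str
    path: str
    status: int


def is_unauthenticated(auth: str, cookie: str) -> bool:
    """No Authorization header and no session cookie on the request."""
    return auth.strip() in ("", "-") and cookie.strip() in ("", "-")


def looks_administrative(path: str) -> bool:
    """Assumption: the REST API lives under /api/ and admin resources match a hint."""
    return path.startswith("/api/") and any(h in path for h in ADMIN_PATH_HINTS)


def scan(lines):
    """Return a Finding for every 2xx, credential-less call to an admin-looking REST path."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # unparsed line; a production pipeline should count these, not drop them silently
        status = int(m["status"])
        if (200 <= status < 300
                and is_unauthenticated(m["auth"], m["cookie"])
                and looks_administrative(m["path"])):
            findings.append(Finding(m["ip"], m["method"], m["path"], status))
    return findings


def suspicious_sources(findings):
    """Count findings per client IP so the noisiest source surfaces first."""
    return Counter(f.ip for f in findings).most_common()


# Constructed sample lines; none of these are real Dynamic Signage Director logs.
SAMPLE_LINES = [
    '203.0.113.10 POST /api/v1/users 200 auth="-" cookie="-"',                    # flagged: admin path, no creds, success
    '203.0.113.10 PUT /api/v1/devices/7 401 auth="-" cookie="-"',                 # server rejected it, not flagged
    '198.51.100.7 GET /api/v1/status 200 auth="-" cookie="-"',                    # not an admin path
    '192.0.2.5 POST /api/v1/config 200 auth="Basic dXNlcjpwYXNz" cookie="-"',     # authenticated
    '203.0.113.10 DELETE /api/v1/scripts/3 204 auth="-" cookie="JSESSIONID=abc"',  # session cookie present
    '203.0.113.10 PATCH /api/v1/config/display 200 auth="-" cookie="-"',          # flagged
]

if __name__ == "__main__":
    hits = scan(SAMPLE_LINES)
    for f in hits:
        print(f"ALERT {f.ip} {f.method} {f.path} -> {f.status}")
    print(suspicious_sources(hits))
```

Two caveats when turning this into a real rule: the server must actually log the Authorization header and cookie (most defaults do not, so this usually needs a reverse proxy in front), and a bypass may hand the attacker a valid session after the first request, so also correlate administrative calls against the absence of a preceding successful login event for that client.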
CVSS provenance
NVD v3.0: 9.8 CRITICAL, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD v2.0: 10.0 CRITICAL, AV:N/AC:L/Au:N/C:C/I:C/A:C
Cisco (vendor): 9.1 CRITICAL
Cisco
Cisco Vision Dynamic Signage Director REST API Authentication Bypass Vulnerability
vendor_cisco · 2019-07-17 · CVSS 9.1 · CRITICAL · CWE-287
A vulnerability in the REST API interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected system.
The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary actions through the REST API with administrative privileges on the affected system.
The REST API is enabled by default and cannot be disabled.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available
Cisco
Cisco Vision Dynamic Signage Director REST API Authentication Bypass Vulnerability
vendor_cisco · CVSS version 3.0
CWE: CWE-287
Bug IDs: CSCvo52767
GHSA
GHSA-q69m-6hqq-2968 · ghsa_unreviewed · 2022-05-24 · CVE-2019-1917 [CRITICAL] CWE-287
A vulnerability in the REST API interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary actions through the REST API with administrative privileges on the affected system. The REST API is enabled by default and cannot be disabled.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published 2019-07-17