Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2019-1935

Severity: 9.8 CRITICAL
EPSS: 89.1% (top 0.47%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Aug 21; Latest update May 24

Description

A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which has default user credentials. The vulnerability is due to the presence of a documented default account with an undocumented default password and incorrect permission settings for that account. Changing the default password

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9

Affected Packages (4 packages)

CVEListV5 | cisco/cisco_unified_computing_system_director | unspecified | 6.7.3.0
NVD | cisco/ucs_director_express | 5 versions | +4
NVD | cisco/ucs_director | 7 versions | +6

🔴 Vulnerability Details (2)

GHSA
GHSA-c9g8-fgq6-h2wg: A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allo (2022-05-24)
CVEList
Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data SCP User Default Credentials Vulnerability (2019-08-21)

💥 Exploits & PoCs (1)

Exploit-DB
Cisco UCS Director - default scpuser password (Metasploit) (2019-09-03)

📋 Vendor Advisories (2)

Cisco
Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data SCP User Default Credentials Vulnerability (2019-08-21)
Apache
Apache tomcat: CVE-2020-1935