CVE-2019-1938
published 2019-08-21CVE-2019-1938: A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote…
PriorityP270critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
4.57%
90.4th percentile
A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. The vulnerability is due to improper authentication request handling. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow an unprivileged attacker to access and execute arbitrary actions through certain APIs.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_unified_computing_system_director | >= unspecified < 6.7.3.0 | 6.7.3.0 |
| cisco | ucs_director | — | — |
| cisco | ucs_director | — | — |
| cisco | ucs_director_and_cisco_ucs_director_express_for_big_data | — | — |
| cisco | ucs_director_express_for_big_data | — | — |
| cisco | ucs_director_express_for_big_data | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Exploit involves sending crafted HTTP requests to the web-based management interface of Cisco UCS Director to bypass authentication and access privileged APIs ↗
- →The vulnerability is rooted in improper authentication request handling (CWE-287); monitor for unauthenticated API calls reaching privileged endpoints on Cisco UCS Director ↗
- ·No workarounds are available; the only remediation is applying Cisco's released software updates ↗
- ·Affects both Cisco UCS Director and Cisco UCS Director Express for Big Data; both products should be assessed and patched ↗
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_cisco9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-99xv-4fxw-wm5h: A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated
ghsa_unreviewed·2022-05-24
CVE-2019-1938 [CRITICAL] CWE-287 GHSA-99xv-4fxw-wm5h: A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated
A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. The vulnerability is due to improper authentication request handling. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow an unprivileged attacker to access and execute arbitrary actions through certain APIs.
Cisco
Cisco UCS Director and Cisco UCS Director Express for Big Data API Authentication Bypass Vulnerability
vendor_cisco·2019-08-21·CVSS 9.8
CVE-2019-1938 [CRITICAL] CWE-287 Cisco UCS Director and Cisco UCS Director Express for Big Data API Authentication Bypass Vulnerability
Cisco UCS Director and Cisco UCS Director Express for Big Data API Authentication Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system.
The vulnerability is due to improper authentication request handling. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow an unprivileged attacker to access and execute arbitrary actions through certain APIs.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
T
Cisco
Cisco UCS Director and Cisco UCS Director Express for Big Data API Authentication Bypass Vulnerability
vendor_cisco·CVSS 3.0
CVE-2019-1938 Cisco UCS Director and Cisco UCS Director Express for Big Data API Authentication Bypass Vulnerability
CVE-2019-1938: Cisco UCS Director and Cisco UCS Director Express for Big Data API Authentication Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. The vulnerability is due to improper authentication request handling. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow an unprivileged attacker to access and execute arbitrary actions through certain APIs. Cisco has released software updates that address this vulnerability. There are no
CVSS: 3.0
CWE: CWE-287, CWE-287
B
No detection rules found.
No public exploits indexed.
Tenable
Critical Cisco Vulnerabilities Across Multiple Products, Exploit Code for CVE-2019-1913 Reportedly Released
blogs_tenable·2019-08-22·CVSS 9.8
[CRITICAL] Critical Cisco Vulnerabilities Across Multiple Products, Exploit Code for CVE-2019-1913 Reportedly Released
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Greynoiseio
NoiseLetter March 2026
blogs_greynoiseio
NoiseLetter March 2026
Events, events… and yes, even more events. 🌍 GreyNoise has been on the move. March kept us busy with stops at eCrimes in London and SecIT in Hanover—but we’re just getting started. Over the next few months, we’ll be hitting the road for CrowdStrike CrowdTours across eight cities, heading to Glasgow to speak and sponsor CyberUK, and making our way to Tampa for H-ISAC. If you’ll be at any of these (or nearby), we’d love to connect.
And while we’ve been racking up miles, we haven’t slowed down on the research front. We’ve just released some exciting new findings—with even more coming in the next few weeks—so keep an eye out.
Thanks, as always, for being part of the GreyNoise community.
Featured
About this new report
Every enterprise firewall processes traffic from residential IP space. T
2019-08-21
Published