CVE-2019-9507

The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to command injection because the application incorrectly neutralizes code syntax before executing. Since all commands within the web application are executed as root, this could allow a remote attacker authenticated with an administrator account to execute arbitrary commands as root.

CVSS v3.0 7.2 HIGH
CVSS v2.0 9.0 HIGH

7.2^/10

CVSS v3.0 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

9.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 8.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://www.vertiv.com/en-us/support/software-download/it-management/avocent-universal-management-gateway-appliance--software-downloads/	Vendor Advisory
https://www.vertiv.com/en-us/support/software-download/software/trellis-enterprise-and-quick-start-solutions-software-downloads/	Vendor Advisory

Advertisement

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:vertiv:avocent_umg-4000_firmware:4.2.1.19:*:*:*:*:*:*:*

cpe:2.3:h:vertiv:avocent_umg-4000:-:*:*:*:*:*:*:*

Information

Published : 2020-03-30 15:15

Updated : 2021-11-03 12:32

NVD link : CVE-2019-9507

Mitre link : CVE-2019-9507

JSON object : View

CWE

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Advertisement

Products Affected

vertiv

avocent_umg-4000_firmware
avocent_umg-4000

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.vertiv.com/en-us/support/software-download/it-management/avocent-universal-management-gateway-appliance--software-downloads/", "name": "https://www.vertiv.com/en-us/support/software-download/it-management/avocent-universal-management-gateway-appliance--software-downloads/", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "https://www.vertiv.com/en-us/support/software-download/software/trellis-enterprise-and-quick-start-solutions-software-downloads/", "name": "https://www.vertiv.com/en-us/support/software-download/software/trellis-enterprise-and-quick-start-solutions-software-downloads/", "tags": ["Vendor Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to command injection because the application incorrectly neutralizes code syntax before executing. Since all commands within the web application are executed as root, this could allow a remote attacker authenticated with an administrator account to execute arbitrary commands as root."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-77"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2019-9507", "ASSIGNER": "cert@cert.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "acInsufInfo": false, "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}}, "publishedDate": "2020-03-30T22:15Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:vertiv:avocent_umg-4000_firmware:4.2.1.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:vertiv:avocent_umg-4000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2021-11-03T19:32Z"}