CVE-2019-1935 : What You Need to Know

A security weakness in Cisco Unified Computing System Director allows unauthorized access to the Command Line Interface (CLI) through default credentials.

Understanding CVE-2019-1935

This CVE involves a vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data.

What is CVE-2019-1935?

The vulnerability enables unauthorized access to the CLI of affected systems using the SCP User account with default credentials.

The Impact of CVE-2019-1935

CVSS Score: 9.8 (Critical)
Attack Vector: Network
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
No privileges required for exploitation
Scope: Unchanged
Attack Complexity: Low
User Interaction: None
The vulnerability allows attackers to execute arbitrary commands with full read and write access to the system's database.

Technical Details of CVE-2019-1935

Vulnerability Description

Default credentials in the SCP User account allow unauthorized access to the CLI.

Affected Systems and Versions

Product: Cisco Unified Computing System Director
Vendor: Cisco
Versions Affected: < 6.7.3.0

Exploitation Mechanism

Attackers can leverage the SCP User account with default credentials to gain access to the CLI and execute arbitrary commands.

Mitigation and Prevention

Immediate Steps to Take

Change the default password for the SCP User account immediately.
Implement strong password policies for all accounts.
Monitor and restrict network access to vulnerable systems.

Long-Term Security Practices

Regularly update and patch systems to address known vulnerabilities.
Conduct security training for staff to raise awareness of social engineering tactics.

Patching and Updates

Apply the latest security patches and updates provided by Cisco to mitigate this vulnerability.