Detections
Analytics

Cisco SPA100 Series Multiple Vulnerabilities

high Nessus Plugin ID 129982

Language:

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The remote Cisco SPA100 Series device is affected by multiple vulnerabilities:

 - Multiple remote code execution vulnerabilities. An authenticated attacker can cause a stack overflow leading to control flow change in the Cisco SPA 112/122 device. (CVE-2019-15240, CVE-2019-15241, CVE-2019-15242, CVE-2019-15243, CVE-2019-15244, CVE-2019-15245, CVE-2019-15246, CVE-2019-15247, CVE-2019-15248, CVE-2019-15249, CVE-2019-15250, CVE-2019-15251, CVE-2019-15252)

 - Multiple cross-site scripting vulnerabilities. An authenticated attacker can inject javascript on the Cisco SPA 112/122 device. (CVE-2019-12702, CVE-2019-12703)

 - An arbitrary file disclosure vulnerability. An unauthenticated attacker can read any file on the device and elevate local privilege. (CVE-2019-12704)

 - Multiple privilege escalation vulnerabilites. An authenticated attacker can leak the administrator password hash to escalate local privilege. (CVE-2019-12708, CVE-2019-15257)

 - A denial of service vulnerability. An authenticated attacker can crash the web service with a malformed request. (CVE-2019-12258)

Solution

Upgrade Cisco SPA100 Series to firmware version 1.4.1 SR5 or later.

See Also

https://www.tenable.com/security/research/tra-2019-44

http://www.nessus.org/u?36518fa8

http://www.nessus.org/u?88204172

http://www.nessus.org/u?50f480f5

http://www.nessus.org/u?c85940fa

http://www.nessus.org/u?c6a2b0c7

http://www.nessus.org/u?7615d430

Plugin Details

Severity: High

ID: 129982

File Name: cisco-sa-20191016-spa-rce.nasl

Version: 1.7

Type: remote

Family: CISCO

Published: 10/17/2019

Updated: 4/18/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 5.2

Temporal Score: 4.1

Vector: CVSS2#AV:A/AC:L/Au:S/C:P/I:P/A:P

CVSS Score Source: CVE-2019-15252

CVSS v3

Risk Factor: High

Base Score: 8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: x-cpe:/h:cisco:spa, x-cpe:/o:cisco:spa

Required KB Items: installed_sw/Cisco SPA ATA

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 10/16/2019

Reference Information

CVE: CVE-2019-12702, CVE-2019-12703, CVE-2019-12704, CVE-2019-15240, CVE-2019-15241, CVE-2019-15242, CVE-2019-15243, CVE-2019-15244, CVE-2019-15245, CVE-2019-15246, CVE-2019-15247, CVE-2019-15248, CVE-2019-15249, CVE-2019-15250, CVE-2019-15251, CVE-2019-15252, CVE-2019-15257, CVE-2019-15258