Cisco SPA100 Series Multiple Vulnerabilities

Medium Nessus Plugin ID 129982

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 5.9

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The remote Cisco SPA100 Series device is affected by multiple vulnerabilities:

- Multiple remote code execution vulnerabilities. An authenticated attacker can cause a stack overflow leading to control flow change in the Cisco SPA 112/122 device. (CVE-2019-15240, CVE-2019-15241, CVE-2019-15242, CVE-2019-15243, CVE-2019-15244, CVE-2019-15245, CVE-2019-15246, CVE-2019-15247, CVE-2019-15248, CVE-2019-15249, CVE-2019-15250, CVE-2019-15251, CVE-2019-15252)

- Multiple cross-site scripting vulnerabilities. An authenticated attacker can inject javascript on the Cisco SPA 112/122 device. (CVE-2019-12702, CVE-2019-12703)

- An arbitrary file disclosure vulnerability. An unauthenticated attacker can read any file on the device and elevate local privilege. (CVE-2019-12704)

- Multiple privilege escalation vulnerabilites. An authenticated attacker can leak the administrator password hash to escalate local privilege. (CVE-2019-12708, CVE-2019-15257)

- A denial of service vulnerability. An authenticated attacker can crash the web service with a malformed request. (CVE-2019-12258)

Solution

Upgrade Cisco SPA100 Series to firmware version 1.4.1 SR5 or later.

See Also

https://www.tenable.com/security/research/tra-2019-44

http://www.nessus.org/u?36518fa8

http://www.nessus.org/u?88204172

http://www.nessus.org/u?50f480f5

http://www.nessus.org/u?c85940fa

http://www.nessus.org/u?c6a2b0c7

http://www.nessus.org/u?7615d430

Plugin Details

Severity: Medium

ID: 129982

File Name: cisco-sa-20191016-spa-rce.nasl

Version: 1.5

Type: remote

Family: CISCO

Published: 2019/10/17

Updated: 2020/06/26

Dependencies: 129984, 129983

Risk Information

Risk Factor: Medium

VPR Score: 5.9

CVSS Score Source: CVE-2019-15252

CVSS v2.0

Base Score: 5.2

Temporal Score: 3.8

Vector: CVSS2#AV:A/AC:L/Au:S/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 8

Temporal Score: 7

Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: x-cpe:/h:cisco:spa, x-cpe:/o:cisco:spa

Required KB Items: installed_sw/Cisco SPA ATA

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2019/10/16

Reference Information

CVE: CVE-2019-12702, CVE-2019-12703, CVE-2019-12704, CVE-2019-15240, CVE-2019-15241, CVE-2019-15242, CVE-2019-15243, CVE-2019-15244, CVE-2019-15245, CVE-2019-15246, CVE-2019-15247, CVE-2019-15248, CVE-2019-15249, CVE-2019-15250, CVE-2019-15251, CVE-2019-15252, CVE-2019-15257, CVE-2019-15258