1. Home
  2. Mapping Frameworks
  3. CVE Home
  4. Cisco Unified Computing System E-Series Software (UCSE)

CVE CVE-2019-1863 Mappings

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to make unauthorized changes to the system configuration. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow a user with read-only privileges to change critical system configurations using administrator privileges.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2019-1863 Cisco Unified Computing System E-Series Software (UCSE) primary_impact T1068 Exploitation for Privilege Escalation
CVE-2019-1863 Cisco Unified Computing System E-Series Software (UCSE) secondary_impact T1565.001 Stored Data Manipulation
CVE-2019-1863 Cisco Unified Computing System E-Series Software (UCSE) exploitation_technique T1190 Exploit Public-Facing Application
CVE-2019-1863 Cisco Unified Computing System E-Series Software (UCSE) exploitation_technique T1078 Valid Accounts