CVE-2019-1794
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
Summary
A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. The vulnerability is due to uncontrolled search path elements. An attacker could exploit this vulnerability by placing a binary of their choosing earlier in the search path utilized by Cisco Directory Connector to locate and load required resources.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Cisco | Cisco Directory Connector | 2.2 | affected |
Weaknesses
- CWE-427: CWE-427
Workarounds
To ensure that supporting dynamic link libraries (DLLs) are loaded from system locations prior to the user's current working directory, an administrator can verify SafeDLLSearchMode is enabled in the Windows Registry. This process is outlined in Deployment Guide for Cisco Directory Connector. Warning: Incorrectly modifying the system registry of a Microsoft Windows-based device may cause serious problems. Neither Cisco nor Microsoft can guarantee that problems that may result from improper registry modification, either from applying registry changes via a .reg file or by using the Registry Editor, can be resolved. Modify the registry of a system at the user's own risk.
ADP Enrichment
CVE Program Container
Additional References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-cdc-hijack
- http://www.securityfocus.com/bid/108032
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-cdc-hijack
- http://www.securityfocus.com/bid/108032
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.