All the vulnerabilites related to cisco - 9536pq
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108371 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108371 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E762B981-6AC3-41E2-9FF5-DBA9616EA75C",
"versionEndExcluding": "6.2\\(25\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86770ECC-BC1D-42BC-A65B-FCE598491BEE",
"versionEndExcluding": "8.1\\(1b\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4863FC5-6578-48DE-838D-E5D2EEFF27B1",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E81D2CC1-376A-4D87-88EA-6E1831741EC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1865052B-3A59-4996-A1B0-0FA8B19F5949",
"versionEndExcluding": "7.3\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE",
"versionEndExcluding": "6.0\\(2\\)a8\\(11\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFCC3C2-3483-4BD0-AF71-23574D0849B1",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1865052B-3A59-4996-A1B0-0FA8B19F5949",
"versionEndExcluding": "7.3\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE867E4-9EE8-4A06-A51B-627C228EF0A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1734D373-CA79-447E-96A7-EDA4D3F9C924",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2163BE9A-89E8-4585-9AD5-A1C764533F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "569B5384-B93C-4FEF-88E7-3155ACE94F4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E7646FC-74C9-4188-9FDB-2C91D8D559D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0C7252-4931-47EF-9AFD-0CE05C786613",
"versionEndExcluding": "7.3\\(4\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4",
"versionEndExcluding": "6.2\\(22\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3411F8C2-D65A-46CF-9563-0A9866462491",
"versionEndExcluding": "7.3\\(3\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02E6779A-5759-4A83-B884-1B47FC124A22",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489A59F2-D44D-44ED-844C-E0EF83A23C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79689D81-D8F0-4FB1-9B8F-62407474A042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E7A7E-7111-4C89-8EBD-080B0A3E069C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83003054-E458-4405-BA7F-A5EA415D296A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F58B1C42-9150-48C9-9203-A2466FC61261",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD5DA69-09D9-436A-8FC1-A46626DE2789",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A9CD4D-4659-402D-BDF8-E5EF86449641",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D753638-4BE8-4BF5-A083-F8360003869D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B875911-E742-427B-AE07-C8A5955DEA62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0E31D5-9F1D-46EC-824F-352A0098944B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8AD0767-C42B-4BAC-B90C-F4412B661D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D409BDF3-9F35-4D94-9DF0-7B58A519A005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del programa Cisco NX-OS podr\u00eda permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios elevados. Un atacante necesitar\u00eda credenciales de administrador v\u00e1lidas para aprovechar esta vulnerabilidad."
}
],
"id": "CVE-2019-1775",
"lastModified": "2024-11-21T04:37:20.987",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T20:29:01.133",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108371"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108377 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108377 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3AF4670-21BF-443C-94F2-230E254862F4",
"versionEndExcluding": "8.2\\(2\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC2CF14-BF68-49FD-AFDE-886FD1A51520",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E81D2CC1-376A-4D87-88EA-6E1831741EC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1865052B-3A59-4996-A1B0-0FA8B19F5949",
"versionEndExcluding": "7.3\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE",
"versionEndExcluding": "6.0\\(2\\)a8\\(11\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFCC3C2-3483-4BD0-AF71-23574D0849B1",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1865052B-3A59-4996-A1B0-0FA8B19F5949",
"versionEndExcluding": "7.3\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE867E4-9EE8-4A06-A51B-627C228EF0A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1734D373-CA79-447E-96A7-EDA4D3F9C924",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2163BE9A-89E8-4585-9AD5-A1C764533F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "569B5384-B93C-4FEF-88E7-3155ACE94F4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E7646FC-74C9-4188-9FDB-2C91D8D559D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5CF3A40-A695-4722-A557-8A2C1AD831B6",
"versionEndExcluding": "7.3\\(5\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEE30512-6FAD-4FDD-905B-2D33FE28991D",
"versionEndExcluding": "7.3\\(3\\)d1\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C4884A9-CA4B-434C-99F3-2105281B1905",
"versionEndExcluding": "8.2\\(2\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC2CF14-BF68-49FD-AFDE-886FD1A51520",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489A59F2-D44D-44ED-844C-E0EF83A23C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79689D81-D8F0-4FB1-9B8F-62407474A042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E7A7E-7111-4C89-8EBD-080B0A3E069C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83003054-E458-4405-BA7F-A5EA415D296A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F58B1C42-9150-48C9-9203-A2466FC61261",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD5DA69-09D9-436A-8FC1-A46626DE2789",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A9CD4D-4659-402D-BDF8-E5EF86449641",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D753638-4BE8-4BF5-A083-F8360003869D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B875911-E742-427B-AE07-C8A5955DEA62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0E31D5-9F1D-46EC-824F-352A0098944B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8AD0767-C42B-4BAC-B90C-F4412B661D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D409BDF3-9F35-4D94-9DF0-7B58A519A005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB",
"versionEndExcluding": "4.0\\(1a\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "054D8EB2-97A3-4725-9DFF-27A4D231D90A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del programa Cisco NX-OS podr\u00eda permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo Linux subyacente con un nivel de privilegio de ra\u00edz. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos pasados ??a un comando CLI espec\u00edfico en el dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo Linux subyacente con privilegios elevados. Un atacante necesitar\u00eda credenciales de administrador v\u00e1lidas para aprovechar esta vulnerabilidad."
}
],
"id": "CVE-2019-1776",
"lastModified": "2024-11-21T04:37:21.137",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T20:29:01.197",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108377"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-11 21:29
Modified
2024-11-21 04:36
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. MDS 9000 Series Multilayer Switches are affected running software versions prior to 6.2(27) and 8.2(3). Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(6). Nexus 3500 Platform Switches are affected running software versions prior to 6.0(2)A8(11) and 7.0(3)I7(6). Nexus 3600 Platform Switches are affected running software versions prior to 7.0(3)F3(5). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I4(9), 7.0(3)I7(6). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5). Nexus 7000 and 7700 Series Switches are affected running software versions prior to 6.2(22) and 8.2(3).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/107392 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1613 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107392 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1613 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "907A3DEC-27F8-4D0A-9EE4-4681B6D9BADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80B54786-DA2A-4E2D-9835-6A7939931928",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD96C7AE-EECC-43F4-9132-1E7F8047C701",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n3k-c31128pq-10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D296E7EE-4531-4D2B-BC0C-177FF0F06084",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n3k-c3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "572F9105-9B6C-4460-8B49-14812AC3DC28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n3k-c3164q-40ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C37EFC-C0E3-446B-8688-0B07084D7AB8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n3k-c3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0C0A01-8EDD-44DB-8DB3-799CAF4367E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80B54786-DA2A-4E2D-9835-6A7939931928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3FB0B238-4F3A-4569-89B0-ED80533D87C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1D43B9D6-0991-4370-9369-C0A1EDBF6627",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F58B1C42-9150-48C9-9203-A2466FC61261",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD5DA69-09D9-436A-8FC1-A46626DE2789",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A9CD4D-4659-402D-BDF8-E5EF86449641",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D753638-4BE8-4BF5-A083-F8360003869D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B875911-E742-427B-AE07-C8A5955DEA62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0E31D5-9F1D-46EC-824F-352A0098944B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8AD0767-C42B-4BAC-B90C-F4412B661D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D409BDF3-9F35-4D94-9DF0-7B58A519A005",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. MDS 9000 Series Multilayer Switches are affected running software versions prior to 6.2(27) and 8.2(3). Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(6). Nexus 3500 Platform Switches are affected running software versions prior to 6.0(2)A8(11) and 7.0(3)I7(6). Nexus 3600 Platform Switches are affected running software versions prior to 7.0(3)F3(5). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I4(9), 7.0(3)I7(6). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5). Nexus 7000 and 7700 Series Switches are affected running software versions prior to 6.2(22) and 8.2(3)."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del software NX-OS de Cisco podr\u00eda permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo subyacente de un dispositivo afectado. La vulnerabilidad se debe a una validaci\u00f3n de argumentos insuficiente que se env\u00edan a determinados comandos CLI. Un atacante podr\u00eda explotar esta vulnerabilidad incluyendo entradas maliciosas como el argumento de un comando afectado. Un exploit con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios elevados. Un atacante necesitar\u00eda credenciales de administrador v\u00e1lidas para explotar esta vulnerabilidad. Los switches de MDS 9000 Series Multilayer se ven afectados en versiones anteriores a las 6.2(27) y 8.2(3). Los switches de Nexus 3000 Series se ven afectados en versiones de software anteriores a las 7.0(3)I4(9) y 7.0(3)I7(6). Los switches de Nexus 3500 Platform Series se ven afectados en versiones de software anteriores a las 6.0(2)A8(11) y 7.0(3)I7(6). Los switches de Nexus 3600 Platform se ven afectados en versiones de software anteriores a la 7.0(3)F3(5). Las versiones anteriores a las 7.0(3)I4(9) y 7.0(3)I7(6) de Nexus 9000 Series Switches, en modo NX-OS, se ven afectadas. Los switches de 9500 R-Series Line Cards y Fabric Modules se ven afectados en versiones anteriores a la 7.0(3)F3(5). Los switches de Nexus, en sus series 7000 y 7700, se ven afectados en versiones anteriores a las 6.2(22) y 8.2(3)."
}
],
"id": "CVE-2019-1613",
"lastModified": "2024-11-21T04:36:55.777",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 3.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-11T21:29:00.840",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107392"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1613"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1613"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 23:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108425 | Broken Link, Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108425 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBDB710-2B63-4219-8B3D-A930008C0122",
"versionEndExcluding": "7.0\\(3\\)i7\\(5\\)",
"versionStartIncluding": "6.0\\(2\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164",
"versionEndExcluding": "9.2\\(2\\)",
"versionStartIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164",
"versionEndExcluding": "9.2\\(2\\)",
"versionStartIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13870733-AF0E-4453-AA0D-4A624F5AF2DD",
"versionEndExcluding": "7.0\\(3\\)i7\\(5\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164",
"versionEndExcluding": "9.2\\(2\\)",
"versionStartIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n Image Signature Verification del programa Cisco NX-OS podr\u00eda permitir que un atacante local autenticado con credenciales de administrador para instalar una imagen de programa malintencionado en un dispositivo afectado. La vulnerabilidad se debe a que las firmas digitales del programa no se verifican correctamente durante la ejecuci\u00f3n del comando CLI. Un atacante podr\u00eda aprovechar esta vulnerabilidad para instalar una imagen de programa sin firmar en un dispositivo afectado."
}
],
"id": "CVE-2019-1811",
"lastModified": "2024-11-21T04:37:25.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T23:29:01.230",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108425"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-28 19:15
Modified
2024-11-21 04:37
Severity ?
7.7 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55812D67-23B2-4EE1-8DEF-B1386551D825",
"versionEndExcluding": "6.2\\(29\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E912DD93-695F-43A2-9F85-01B2C338A914",
"versionEndExcluding": "8.4",
"versionStartIncluding": "7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E81D2CC1-376A-4D87-88EA-6E1831741EC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A70947-97A8-4CC4-A656-1ABE64CA698F",
"versionEndExcluding": "13.2\\(7k\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78F357E2-8074-420D-B06E-94D5076415AD",
"versionEndExcluding": "14.0\\(2c\\)",
"versionStartIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A497D055-0061-425D-A209-C8919C708B4E",
"versionEndExcluding": "14.1\\(1i\\)",
"versionStartIncluding": "14.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A49B703F-71AC-4D71-B20B-B373A1F20F2D",
"versionEndExcluding": "9.2\\(3\\)",
"versionStartIncluding": "7.0\\(3\\)f",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE867E4-9EE8-4A06-A51B-627C228EF0A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1734D373-CA79-447E-96A7-EDA4D3F9C924",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2163BE9A-89E8-4585-9AD5-A1C764533F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "569B5384-B93C-4FEF-88E7-3155ACE94F4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E7646FC-74C9-4188-9FDB-2C91D8D559D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "934E7941-C773-4032-944B-4AC57FB11D23",
"versionEndExcluding": "7.1\\(5\\)n1\\(1b\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF45649B-78F2-41C0-B74C-A917858C10C3",
"versionEndExcluding": "7.3\\(5\\)n1\\(1\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4",
"versionEndExcluding": "6.2\\(22\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE258-CE05-48CB-896C-AEACDF645093",
"versionEndExcluding": "7.2\\(0\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8882184-A5B1-4F67-B942-FDEE2FFD43F4",
"versionEndExcluding": "8.2\\(3\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAE6700-E2D9-486F-9113-CEAA6B47DE1F",
"versionEndExcluding": "8.3\\(2\\)",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489A59F2-D44D-44ED-844C-E0EF83A23C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79689D81-D8F0-4FB1-9B8F-62407474A042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E7A7E-7111-4C89-8EBD-080B0A3E069C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83003054-E458-4405-BA7F-A5EA415D296A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F58B1C42-9150-48C9-9203-A2466FC61261",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD5DA69-09D9-436A-8FC1-A46626DE2789",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A9CD4D-4659-402D-BDF8-E5EF86449641",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D753638-4BE8-4BF5-A083-F8360003869D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B875911-E742-427B-AE07-C8A5955DEA62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0E31D5-9F1D-46EC-824F-352A0098944B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8AD0767-C42B-4BAC-B90C-F4412B661D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D409BDF3-9F35-4D94-9DF0-7B58A519A005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F8E70D-012F-4465-AC5B-D31563BE219A",
"versionEndExcluding": "2.2.2.91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2C8263-BA5C-41D0-ABD9-42925B94BF84",
"versionEndExcluding": "2.3.1.130",
"versionStartIncluding": "2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "564D0A43-37E4-477A-8ADD-5D2FC8092142",
"versionEndExcluding": "2.4.1.222",
"versionStartIncluding": "2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3C6CC11-470A-47A4-AAF5-D5580FB78562",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4A2B35-5106-4F43-835A-7F97D2324373",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F7F452-9294-4445-A344-1A76B277C45D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA604D8-76C0-40B9-8675-02BEEA18E432",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A70947-97A8-4CC4-A656-1ABE64CA698F",
"versionEndExcluding": "13.2\\(7k\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78F357E2-8074-420D-B06E-94D5076415AD",
"versionEndExcluding": "14.0\\(2c\\)",
"versionStartIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3D4DA7-351B-4C4A-8C84-BBF0A2718974",
"versionEndIncluding": "14.1\\(1i\\)",
"versionStartIncluding": "14.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59B48D7E-BD70-4971-B508-1DAD4841C5CE",
"versionEndExcluding": "5.2\\(1\\)sv3\\(4.1a\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v_switch:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "85E02290-E7D0-462F-A44A-30F22FFB2945",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E9D6862-7F78-47D2-B273-8EE4EAE216F5",
"versionEndExcluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v_switch:-:*:*:*:*:hyper-v:*:*",
"matchCriteriaId": "C4AB692D-309B-4A86-9558-C30C54DCCB2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D83BFFF5-37F1-4446-AD4A-1266AD6ABBD7",
"versionEndExcluding": "5.2\\(1\\)sv5\\(1.2\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000_virtual_edge:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "5481E367-6692-48A3-8475-5299C5EE0822",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFCC3C2-3483-4BD0-AF71-23574D0849B1",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1392CDF-115C-431A-AF9B-8414F9307163",
"versionEndExcluding": "7.0\\(3\\)i7\\(6\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF64A744-B207-4EAB-B395-1E477AE7E730",
"versionEndExcluding": "9.2\\(3\\)",
"versionStartIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8397775-5A75-4710-9044-B56E1CEE20A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C71319A9-5B95-410A-BDDB-C47639B8E464",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B573EF4-2ABE-4ABE-A8D6-D8E14AD29E73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2E84307-41BC-4F85-BC9A-FF02178765F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55A31452-5B60-4273-BA38-8FA684DED953",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3FCA39-927B-4C89-A58B-E6859ED8176A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1392CDF-115C-431A-AF9B-8414F9307163",
"versionEndExcluding": "7.0\\(3\\)i7\\(6\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF64A744-B207-4EAB-B395-1E477AE7E730",
"versionEndExcluding": "9.2\\(3\\)",
"versionStartIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el procesador de paquetes de entrada del Protocolo simple de administraci\u00f3n de redes (SNMP) del software Cisco FXOS y del software Cisco NX-OS podr\u00eda permitir que un atacante remoto autenticado haga que la aplicaci\u00f3n SNMP en un dispositivo afectado se reinicie inesperadamente. La vulnerabilidad se debe a la validaci\u00f3n incorrecta de las variables codificadas en la sintaxis abstracta de notaci\u00f3n uno (ASN.1) en los paquetes SNMP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete SNMP especialmente dise\u00f1ado al demonio SNMP en el dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante hacer que la aplicaci\u00f3n SNMP se reinicie varias veces, lo que provocar\u00eda un reinicio a nivel del sistema y una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
}
],
"id": "CVE-2019-1963",
"lastModified": "2024-11-21T04:37:46.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-28T19:15:10.913",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 23:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108425 | Broken Link, Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108425 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA2795-869F-4406-937E-AB4C37EC6A15",
"versionEndExcluding": "7.0\\(3\\)i7\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)i1\\(x\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164",
"versionEndExcluding": "9.2\\(2\\)",
"versionStartIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164",
"versionEndExcluding": "9.2\\(2\\)",
"versionStartIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13870733-AF0E-4453-AA0D-4A624F5AF2DD",
"versionEndExcluding": "7.0\\(3\\)i7\\(5\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164",
"versionEndExcluding": "9.2\\(2\\)",
"versionStartIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n Image Signature Verification del programa NX-OS de Cisco podr\u00eda permitir que un atacante local autenticado con credenciales de administrador para instalar una imagen de programa malintencionado en un dispositivo afectado. La vulnerabilidad se debe a que las firmas digitales del programa no se verifican correctamente durante la ejecuci\u00f3n del comando CLI. Un atacante podr\u00eda aprovechar esta vulnerabilidad para instalar una imagen de programa sin firmar en un dispositivo afectado."
}
],
"id": "CVE-2019-1813",
"lastModified": "2024-11-21T04:37:26.217",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T23:29:01.357",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108425"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-11 21:29
Modified
2024-11-21 04:36
Severity ?
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability is due to improper verification of digital signatures for software images. An attacker could exploit this vulnerability by loading an unsigned software image on an affected device. A successful exploit could allow the attacker to boot a malicious software image. Note: The fix for this vulnerability requires a BIOS upgrade as part of the software upgrade. For additional information, see the Details section of this advisory. Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I7(5). Nexus 9000 Series Fabric Switches in ACI Mode are affected running software versions prior to 13.2(1l). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I7(5). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/107397 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-sig-verif | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107397 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-sig-verif | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7688EC58-4647-4A08-9E86-A71EA7C41B88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD96C7AE-EECC-43F4-9132-1E7F8047C701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:12.3\\(0.97\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6469886E-5C55-454F-A793-E64953B11E41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4480D800-595F-44CB-85ED-7E17A34A5BEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n3k-c31128pq-10ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D296E7EE-4531-4D2B-BC0C-177FF0F06084",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n3k-c3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "572F9105-9B6C-4460-8B49-14812AC3DC28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n3k-c3164q-40ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C37EFC-C0E3-446B-8688-0B07084D7AB8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n3k-c3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0C0A01-8EDD-44DB-8DB3-799CAF4367E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability is due to improper verification of digital signatures for software images. An attacker could exploit this vulnerability by loading an unsigned software image on an affected device. A successful exploit could allow the attacker to boot a malicious software image. Note: The fix for this vulnerability requires a BIOS upgrade as part of the software upgrade. For additional information, see the Details section of this advisory. Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I7(5). Nexus 9000 Series Fabric Switches in ACI Mode are affected running software versions prior to 13.2(1l). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I7(5). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5)."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad del software NX-OS de Cisco podr\u00eda permitir a un atacante local autenticado con credenciales de privilegios de administrador instalar una imagen de software maliciosa en un dispositivo. La vulnerabilidad se debe a una verificaci\u00f3n de firmas NX-OS incorrecta para im\u00e1genes de software. Un atacante podr\u00eda explotar esta vulnerabilidad cargando una imagen de software no firmada en un dispositivo afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante cargue una imagen de software maliciosa. Nota: Para solucionar esta vulnerabilidad, es necesario instalar una actualizaci\u00f3n de BIOS como parte de la actualizaci\u00f3n de software. Para m\u00e1s informaci\u00f3n, consulte los detalles de este aviso. Los switches de Nexus 3000 Series se ven afectados en versiones de software anteriores a la 7.0(3)I7(5). Las versiones anteriores a la 13.2(1l) de Nexus 9000 Series Fabric Switches, en modo ACI, se ven afectadas. Los switches de Nexus 9000 Series en modo Standalone NX-OS se ven afectados en versiones de software anteriores a la 7.0(3)I7(5). Los switches de 9500 R-Series Line Cards y Fabric Modules se ven afectados en versiones anteriores a la 7.0(3)F3(5)."
}
],
"id": "CVE-2019-1615",
"lastModified": "2024-11-21T04:36:56.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-11T21:29:00.920",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107397"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-sig-verif"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-sig-verif"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 21:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108390 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1791 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108390 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1791 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E762B981-6AC3-41E2-9FF5-DBA9616EA75C",
"versionEndExcluding": "6.2\\(25\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A0ED649-6CBB-4CF6-9E0E-9C65184771BF",
"versionEndExcluding": "8.2\\(3\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC2CF14-BF68-49FD-AFDE-886FD1A51520",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E81D2CC1-376A-4D87-88EA-6E1831741EC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47A52C04-1709-413B-8B03-4EE27F3F1602",
"versionEndExcluding": "7.3\\(3\\)i7\\(6\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE",
"versionEndExcluding": "6.0\\(2\\)a8\\(11\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFCC3C2-3483-4BD0-AF71-23574D0849B1",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47A52C04-1709-413B-8B03-4EE27F3F1602",
"versionEndExcluding": "7.3\\(3\\)i7\\(6\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE867E4-9EE8-4A06-A51B-627C228EF0A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1734D373-CA79-447E-96A7-EDA4D3F9C924",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2163BE9A-89E8-4585-9AD5-A1C764533F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "569B5384-B93C-4FEF-88E7-3155ACE94F4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E7646FC-74C9-4188-9FDB-2C91D8D559D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0C7252-4931-47EF-9AFD-0CE05C786613",
"versionEndExcluding": "7.3\\(4\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4",
"versionEndExcluding": "6.2\\(22\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3411F8C2-D65A-46CF-9563-0A9866462491",
"versionEndExcluding": "7.3\\(3\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8882184-A5B1-4F67-B942-FDEE2FFD43F4",
"versionEndExcluding": "8.2\\(3\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC2CF14-BF68-49FD-AFDE-886FD1A51520",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489A59F2-D44D-44ED-844C-E0EF83A23C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79689D81-D8F0-4FB1-9B8F-62407474A042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E7A7E-7111-4C89-8EBD-080B0A3E069C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83003054-E458-4405-BA7F-A5EA415D296A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F58B1C42-9150-48C9-9203-A2466FC61261",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD5DA69-09D9-436A-8FC1-A46626DE2789",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A9CD4D-4659-402D-BDF8-E5EF86449641",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D753638-4BE8-4BF5-A083-F8360003869D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B875911-E742-427B-AE07-C8A5955DEA62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0E31D5-9F1D-46EC-824F-352A0098944B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8AD0767-C42B-4BAC-B90C-F4412B661D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D409BDF3-9F35-4D94-9DF0-7B58A519A005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del programa NX-OS de Cisco podr\u00eda permitir que un atacante local identificado con credenciales de administrador ejecute comandos arbitrarios con privilegios elevados en el sistema operativo subyacente de un dispositivo afectado. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podr\u00eda explotar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios elevados. Un atacante deber contar con credenciales de administrador v\u00e1lidas para explotar esta vulnerabilidad."
}
],
"id": "CVE-2019-1791",
"lastModified": "2024-11-21T04:37:23.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T21:29:03.303",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108390"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1791"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 21:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108479 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108479 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9D7D11-A8C6-4AAD-97DA-C5E5F9681F09",
"versionEndExcluding": "8.2\\(3\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC2CF14-BF68-49FD-AFDE-886FD1A51520",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E81D2CC1-376A-4D87-88EA-6E1831741EC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "458C07FB-06EE-4081-8B4C-D16962FF9035",
"versionEndExcluding": "7.0\\(3\\)i4\\(8\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4692FD8-8B7E-4418-A6E2-51A34117FFCD",
"versionEndExcluding": "7.3\\(3\\)i7\\(3\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE",
"versionEndExcluding": "6.0\\(2\\)a8\\(11\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F809C85E-BC8C-4650-B7C9-7A15315AE2BD",
"versionEndExcluding": "7.0\\(3\\)i4\\(8\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4692FD8-8B7E-4418-A6E2-51A34117FFCD",
"versionEndExcluding": "7.3\\(3\\)i7\\(3\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE867E4-9EE8-4A06-A51B-627C228EF0A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1734D373-CA79-447E-96A7-EDA4D3F9C924",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2163BE9A-89E8-4585-9AD5-A1C764533F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "569B5384-B93C-4FEF-88E7-3155ACE94F4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E7646FC-74C9-4188-9FDB-2C91D8D559D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0C7252-4931-47EF-9AFD-0CE05C786613",
"versionEndExcluding": "7.3\\(4\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4",
"versionEndExcluding": "6.2\\(22\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3411F8C2-D65A-46CF-9563-0A9866462491",
"versionEndExcluding": "7.3\\(3\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8882184-A5B1-4F67-B942-FDEE2FFD43F4",
"versionEndExcluding": "8.2\\(3\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC2CF14-BF68-49FD-AFDE-886FD1A51520",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489A59F2-D44D-44ED-844C-E0EF83A23C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79689D81-D8F0-4FB1-9B8F-62407474A042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E7A7E-7111-4C89-8EBD-080B0A3E069C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83003054-E458-4405-BA7F-A5EA415D296A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F58B1C42-9150-48C9-9203-A2466FC61261",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD5DA69-09D9-436A-8FC1-A46626DE2789",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A9CD4D-4659-402D-BDF8-E5EF86449641",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D753638-4BE8-4BF5-A083-F8360003869D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B875911-E742-427B-AE07-C8A5955DEA62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0E31D5-9F1D-46EC-824F-352A0098944B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8AD0767-C42B-4BAC-B90C-F4412B661D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D409BDF3-9F35-4D94-9DF0-7B58A519A005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19B38FA2-5F5C-45D3-9F03-1020AD03C0C7",
"versionEndExcluding": "3.2\\(3a\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E21FF51-A716-40AE-A9F3-BBAC2CF3A87D",
"versionEndExcluding": "4.0\\(1a\\)",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "054D8EB2-97A3-4725-9DFF-27A4D231D90A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4356AAFD-C447-485B-8F9C-281A076C4BE4",
"versionEndExcluding": "2.0.1.201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C3732BD-8732-4EE4-B915-92A040A6795B",
"versionEndExcluding": "2.2.2.54",
"versionStartIncluding": "2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D256B7B-1043-4D2B-9E2F-AA25637B29D6",
"versionEndExcluding": "2.3.1.73",
"versionStartIncluding": "2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF89AAA7-02D6-486A-9AF6-8977E756115D",
"versionEndExcluding": "2.4.1.101",
"versionStartIncluding": "2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3C6CC11-470A-47A4-AAF5-D5580FB78562",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4A2B35-5106-4F43-835A-7F97D2324373",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F7F452-9294-4445-A344-1A76B277C45D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_modules:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5036DB7B-137C-413E-B328-8E7E5A84D5D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF06979-4813-49A4-920D-D3B280B2456C",
"versionEndExcluding": "5.2\\(1\\)sv3\\(4.1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "9A5FFC5B-6F90-4E8F-9AE2-B4DA4C7A144B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E9D6862-7F78-47D2-B273-8EE4EAE216F5",
"versionEndExcluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:hyper-v:*:*",
"matchCriteriaId": "69E1B4D2-4200-4C05-9E64-57A18823AF38",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de los programas FXOS y NX-OS de Cisco podr\u00eda permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con elevados privilegios. Un atacante necesitar\u00eda credenciales de administrador para aprovechar esta vulnerabilidad."
}
],
"id": "CVE-2019-1795",
"lastModified": "2024-11-21T04:37:23.847",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T21:29:03.367",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108479"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 23:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108425 | Broken Link, Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108425 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBDB710-2B63-4219-8B3D-A930008C0122",
"versionEndExcluding": "7.0\\(3\\)i7\\(5\\)",
"versionStartIncluding": "6.0\\(2\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164",
"versionEndExcluding": "9.2\\(2\\)",
"versionStartIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164",
"versionEndExcluding": "9.2\\(2\\)",
"versionStartIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13870733-AF0E-4453-AA0D-4A624F5AF2DD",
"versionEndExcluding": "7.0\\(3\\)i7\\(5\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164",
"versionEndExcluding": "9.2\\(2\\)",
"versionStartIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n Image Signature Verification del software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado con credenciales de administrador para instalar una imagen de software malintencionado en un dispositivo afectado. La vulnerabilidad se debe a que las firmas digitales del software no se verifican correctamente durante la ejecuci\u00f3n del comando CLI. Un atacante podr\u00eda aprovechar esta vulnerabilidad para instalar una imagen de software sin firmar en un dispositivo afectado."
}
],
"id": "CVE-2019-1812",
"lastModified": "2024-11-21T04:37:26.070",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T23:29:01.277",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108425"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-07-04 20:15
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. The vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a malicious LLDP packet on the adjacent subnet to the Cisco Nexus 9000 Series Switch in ACI mode. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/109052 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/109052 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | application_policy_infrastructure_controller | 7.3\(0\)zn\(0.113\) | |
| cisco | 9432pq | - | |
| cisco | 9536pq | - | |
| cisco | 9636pq | - | |
| cisco | 9736pq | - | |
| cisco | n9k-x9432c-s | - | |
| cisco | n9k-x9464px | - | |
| cisco | n9k-x9464tx2 | - | |
| cisco | n9k-x9564px | - | |
| cisco | n9k-x9564tx | - | |
| cisco | n9k-x9636c-r | - | |
| cisco | n9k-x9636c-rx | - | |
| cisco | n9k-x97160yc-ex | - | |
| cisco | n9k-x9732c-ex | - | |
| cisco | n9k-x9732c-fx | - | |
| cisco | n9k-x9736c-ex | - | |
| cisco | n9k-x9736c-fx | - | |
| cisco | n9k-x9788tc-fx | - | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93108tc-fx | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_9316d-gx | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93180yc-fx | - | |
| cisco | nexus_93216tc-fx2 | - | |
| cisco | nexus_93240yc-fx2 | - | |
| cisco | nexus_9332c | - | |
| cisco | nexus_93360yc-fx2 | - | |
| cisco | nexus_9336c-fx2 | - | |
| cisco | nexus_9348gc-fxp | - | |
| cisco | nexus_93600cd-gx | - | |
| cisco | nexus_9364c | - | |
| cisco | x9636q-r | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:7.3\\(0\\)zn\\(0.113\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A9DBF19-A5F0-4F62-84FB-1C73FCA1BF23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. The vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a malicious LLDP packet on the adjacent subnet to the Cisco Nexus 9000 Series Switch in ACI mode. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el establecimiento de conexi\u00f3n VLAN de la infraestructura de Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software podr\u00eda permitir a un atacante adyacente no autenticado eludir las validaciones de seguridad y conectar un servidor no autorizado a la infraestructura VLAN. La vulnerabilidad se debe a requisitos de seguridad insuficientes durante la fase de configuraci\u00f3n del protocolo de descubrimiento de capa de enlace (LLDP) de la infraestructura VLAN. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete LLDP malintencionado en la subred adyacente al conmutador Cisco Nexus 9000 Series en modo ACI. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante conecte un servidor no autorizado a la infraestructura VLAN, que es altamente privilegiada. Con una conexi\u00f3n a la VLAN de infraestructura, el atacante puede realizar conexiones no autorizadas a los servicios Cisco Application Policy Infrastructure Controller (APIC) o unirse a otros puntos finales de host."
}
],
"id": "CVE-2019-1890",
"lastModified": "2024-11-21T04:37:37.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-04T20:15:11.123",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/109052"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/109052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108371 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108371 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E762B981-6AC3-41E2-9FF5-DBA9616EA75C",
"versionEndExcluding": "6.2\\(25\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86770ECC-BC1D-42BC-A65B-FCE598491BEE",
"versionEndExcluding": "8.1\\(1b\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4863FC5-6578-48DE-838D-E5D2EEFF27B1",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E81D2CC1-376A-4D87-88EA-6E1831741EC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1865052B-3A59-4996-A1B0-0FA8B19F5949",
"versionEndExcluding": "7.3\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE",
"versionEndExcluding": "6.0\\(2\\)a8\\(11\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFCC3C2-3483-4BD0-AF71-23574D0849B1",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1865052B-3A59-4996-A1B0-0FA8B19F5949",
"versionEndExcluding": "7.3\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE867E4-9EE8-4A06-A51B-627C228EF0A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1734D373-CA79-447E-96A7-EDA4D3F9C924",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2163BE9A-89E8-4585-9AD5-A1C764533F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "569B5384-B93C-4FEF-88E7-3155ACE94F4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E7646FC-74C9-4188-9FDB-2C91D8D559D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0C7252-4931-47EF-9AFD-0CE05C786613",
"versionEndExcluding": "7.3\\(4\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4",
"versionEndExcluding": "6.2\\(22\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3411F8C2-D65A-46CF-9563-0A9866462491",
"versionEndExcluding": "7.3\\(3\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02E6779A-5759-4A83-B884-1B47FC124A22",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489A59F2-D44D-44ED-844C-E0EF83A23C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79689D81-D8F0-4FB1-9B8F-62407474A042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E7A7E-7111-4C89-8EBD-080B0A3E069C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83003054-E458-4405-BA7F-A5EA415D296A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F58B1C42-9150-48C9-9203-A2466FC61261",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD5DA69-09D9-436A-8FC1-A46626DE2789",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A9CD4D-4659-402D-BDF8-E5EF86449641",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D753638-4BE8-4BF5-A083-F8360003869D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B875911-E742-427B-AE07-C8A5955DEA62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0E31D5-9F1D-46EC-824F-352A0098944B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8AD0767-C42B-4BAC-B90C-F4412B661D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D409BDF3-9F35-4D94-9DF0-7B58A519A005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del programa NX-OS de Cisco podr\u00eda permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios elevados. Un atacante necesitar\u00eda credenciales de administrador v\u00e1lidas para aprovechar esta vulnerabilidad."
}
],
"id": "CVE-2019-1774",
"lastModified": "2024-11-21T04:37:20.850",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T20:29:01.057",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108371"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108383 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108383 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E762B981-6AC3-41E2-9FF5-DBA9616EA75C",
"versionEndExcluding": "6.2\\(25\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86770ECC-BC1D-42BC-A65B-FCE598491BEE",
"versionEndExcluding": "8.1\\(1b\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27A4ABA8-4A7F-4517-A969-76DAE589D194",
"versionEndExcluding": "8.2\\(3\\)",
"versionStartIncluding": "8.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC2CF14-BF68-49FD-AFDE-886FD1A51520",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E81D2CC1-376A-4D87-88EA-6E1831741EC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "458C07FB-06EE-4081-8B4C-D16962FF9035",
"versionEndExcluding": "7.0\\(3\\)i4\\(8\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4692FD8-8B7E-4418-A6E2-51A34117FFCD",
"versionEndExcluding": "7.3\\(3\\)i7\\(3\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE867E4-9EE8-4A06-A51B-627C228EF0A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1734D373-CA79-447E-96A7-EDA4D3F9C924",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2163BE9A-89E8-4585-9AD5-A1C764533F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "569B5384-B93C-4FEF-88E7-3155ACE94F4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E7646FC-74C9-4188-9FDB-2C91D8D559D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0C7252-4931-47EF-9AFD-0CE05C786613",
"versionEndExcluding": "7.3\\(4\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4",
"versionEndExcluding": "6.2\\(22\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3411F8C2-D65A-46CF-9563-0A9866462491",
"versionEndExcluding": "7.3\\(3\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8882184-A5B1-4F67-B942-FDEE2FFD43F4",
"versionEndExcluding": "8.2\\(3\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC2CF14-BF68-49FD-AFDE-886FD1A51520",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489A59F2-D44D-44ED-844C-E0EF83A23C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79689D81-D8F0-4FB1-9B8F-62407474A042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E7A7E-7111-4C89-8EBD-080B0A3E069C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83003054-E458-4405-BA7F-A5EA415D296A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F58B1C42-9150-48C9-9203-A2466FC61261",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD5DA69-09D9-436A-8FC1-A46626DE2789",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A9CD4D-4659-402D-BDF8-E5EF86449641",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D753638-4BE8-4BF5-A083-F8360003869D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B875911-E742-427B-AE07-C8A5955DEA62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0E31D5-9F1D-46EC-824F-352A0098944B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8AD0767-C42B-4BAC-B90C-F4412B661D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D409BDF3-9F35-4D94-9DF0-7B58A519A005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB",
"versionEndExcluding": "4.0\\(1a\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "054D8EB2-97A3-4725-9DFF-27A4D231D90A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del programa NX-OS de Cisco podr\u00eda permitir a un atacante local autenticado ejecutar comandos arbitrarios sobre el sistema operativo Linux subyacente con el nivel de privilegio de ra\u00edz. La vulnerabilidad es debido a una insuficiente validaci\u00f3n de los argumentos pasados ??a un comando CLI espec\u00edfico en el dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podr\u00eda permitir al atacante realizar comandos arbitrarios sobre el sistema operativo Linux subyacente con elevados privilegios . Un atacante necesitar\u00eda credenciales de administrador v\u00e1lidas para aprovechar esta vulnerabilidad."
}
],
"id": "CVE-2019-1790",
"lastModified": "2024-11-21T04:37:23.283",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T20:29:01.650",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108383"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-16 02:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108358 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108358 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA0B4D7-BFD0-474C-AAB9-7A9244CC0E08",
"versionEndExcluding": "8.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD5738-029B-43AA-9342-63719DC16138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E81D2CC1-376A-4D87-88EA-6E1831741EC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "458C07FB-06EE-4081-8B4C-D16962FF9035",
"versionEndExcluding": "7.0\\(3\\)i4\\(8\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12F279A5-D64B-49E7-81CC-F2462EEF9628",
"versionEndExcluding": "7.0\\(3\\)i7\\(2\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "426B8E00-3C78-4C2B-9C0F-257875EE0335",
"versionEndExcluding": "7.0\\(3\\)f3\\(1\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE867E4-9EE8-4A06-A51B-627C228EF0A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1734D373-CA79-447E-96A7-EDA4D3F9C924",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2163BE9A-89E8-4585-9AD5-A1C764533F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "569B5384-B93C-4FEF-88E7-3155ACE94F4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E7646FC-74C9-4188-9FDB-2C91D8D559D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "934E7941-C773-4032-944B-4AC57FB11D23",
"versionEndExcluding": "7.1\\(5\\)n1\\(1b\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F06C25C-4E7C-4485-9774-84FE72396BE2",
"versionEndExcluding": "7.3\\(4\\)n1\\(1a\\)",
"versionStartIncluding": "7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4",
"versionEndExcluding": "6.2\\(22\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE258-CE05-48CB-896C-AEACDF645093",
"versionEndExcluding": "7.2\\(0\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B16DD0F7-0DF2-4423-B0AA-04C3BBDEA757",
"versionEndExcluding": "8.1\\(1\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489A59F2-D44D-44ED-844C-E0EF83A23C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79689D81-D8F0-4FB1-9B8F-62407474A042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E7A7E-7111-4C89-8EBD-080B0A3E069C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83003054-E458-4405-BA7F-A5EA415D296A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F58B1C42-9150-48C9-9203-A2466FC61261",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD5DA69-09D9-436A-8FC1-A46626DE2789",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A9CD4D-4659-402D-BDF8-E5EF86449641",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D753638-4BE8-4BF5-A083-F8360003869D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B875911-E742-427B-AE07-C8A5955DEA62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0E31D5-9F1D-46EC-824F-352A0098944B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8AD0767-C42B-4BAC-B90C-F4412B661D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D409BDF3-9F35-4D94-9DF0-7B58A519A005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "998DF854-FA86-4C76-8B50-44E90FBF6B48",
"versionEndExcluding": "2.6.1.131",
"versionStartIncluding": "2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F8E70D-012F-4465-AC5B-D31563BE219A",
"versionEndExcluding": "2.2.2.91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2C8263-BA5C-41D0-ABD9-42925B94BF84",
"versionEndExcluding": "2.3.1.130",
"versionStartIncluding": "2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "564D0A43-37E4-477A-8ADD-5D2FC8092142",
"versionEndExcluding": "2.4.1.222",
"versionStartIncluding": "2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3C6CC11-470A-47A4-AAF5-D5580FB78562",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4A2B35-5106-4F43-835A-7F97D2324373",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F7F452-9294-4445-A344-1A76B277C45D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA604D8-76C0-40B9-8675-02BEEA18E432",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9904E827-0F28-4776-A3B5-7E4F3FB524C8",
"versionEndExcluding": "14.0\\(2c\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A497D055-0061-425D-A209-C8919C708B4E",
"versionEndExcluding": "14.1\\(1i\\)",
"versionStartIncluding": "14.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D627F011-5AEC-4BA5-9B61-D50DD3CC4DE6",
"versionEndExcluding": "6.0\\(2\\)a8\\(4\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12F279A5-D64B-49E7-81CC-F2462EEF9628",
"versionEndExcluding": "7.0\\(3\\)i7\\(2\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59B48D7E-BD70-4971-B508-1DAD4841C5CE",
"versionEndExcluding": "5.2\\(1\\)sv3\\(4.1a\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:hyper-v:*:*",
"matchCriteriaId": "69E1B4D2-4200-4C05-9E64-57A18823AF38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "9A5FFC5B-6F90-4E8F-9AE2-B4DA4C7A144B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el procesador de paquetes de entrada del Protocolo de administraci\u00f3n de red simple (SNMP) de los programas FXOS y NX-OS de Cisco podr\u00eda permitir que un atacante remoto no autenticado provoque que la aplicaci\u00f3n SNMP pierda memoria en el sistema, lo que podr\u00eda hacer que un dispositivo afectado se reinicie inesperadamente . La vulnerabilidad se debe a un manejo incorrecto de errores al procesar paquetes SNMP entrantes. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando m\u00faltiples paquetes SNMP dise\u00f1ados a un dispositivo afectado. Un aprovechamiento exitoso podr\u00eda permitir que el atacante haga que la aplicaci\u00f3n SNMP pierda memoria del sistema debido a una condici\u00f3n de error manejada incorrectamente durante el procesamiento del paquete. Con el tiempo, esta p\u00e9rdida de memoria podr\u00eda hacer que la aplicaci\u00f3n SNMP se reinicie varias veces, lo que lleva a un reinicio a nivel del sistema y una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
}
],
"id": "CVE-2019-1858",
"lastModified": "2024-11-21T04:37:32.763",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-16T02:29:00.670",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108358"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/108376 | Broken Link, Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1770 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108376 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1770 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ns-ox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02234F49-3DB6-41C8-AF3C-3B26329CB310",
"versionEndExcluding": "5.2\\(1\\)sm3\\(2.1\\)",
"versionStartIncluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:hyper-v:*:*",
"matchCriteriaId": "69E1B4D2-4200-4C05-9E64-57A18823AF38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "9A5FFC5B-6F90-4E8F-9AE2-B4DA4C7A144B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ns-ox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "237CF768-CEE5-47C1-898C-B8E8E3580DB8",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ns-ox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C8E561-80F3-45B6-B268-1252A26D9805",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ns-ox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD19DD7B-8B97-44CA-BFA0-987F6C63F983",
"versionEndExcluding": "6.0\\(2\\)a8\\(11\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ns-ox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "557728BA-F4A1-45B3-9535-9502CBFFE7BB",
"versionEndExcluding": "7.0\\(3\\)i4\\(9\\)",
"versionStartIncluding": "7.0\\(3\\)i4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ns-ox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C8E561-80F3-45B6-B268-1252A26D9805",
"versionEndExcluding": "7.0\\(3\\)i7\\(4\\)",
"versionStartIncluding": "7.0\\(3\\)i7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ns-ox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE4D8DC0-5166-4BC2-AE00-01B7761C78D8",
"versionEndExcluding": "7.0\\(3\\)f3\\(5\\)",
"versionStartIncluding": "7.0\\(3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ns-ox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "148AC30B-2B43-49C9-A60A-68F4078909FF",
"versionEndExcluding": "7.3\\(4\\)n1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "367C2A49-4C4D-471B-9B34-AFAFA5AE9503",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A58223F-3B15-420B-A6D4-841451CF0380",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ns-ox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C88689B-C4CA-4EDD-BA94-4C549F4FE96C",
"versionEndExcluding": "6.2\\(22\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ns-ox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06EEC72D-4A0C-4936-AA99-E063575C145A",
"versionEndExcluding": "7.3\\(3\\)d1\\(1\\)",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ns-ox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ED30202-4B2A-466F-B184-302330B1666C",
"versionEndExcluding": "8.2\\(3\\)",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ns-ox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DCBC8BC-9242-4BE9-9B6A-FB92AD64E6CA",
"versionEndExcluding": "8.3\\(1\\)",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489A59F2-D44D-44ED-844C-E0EF83A23C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79689D81-D8F0-4FB1-9B8F-62407474A042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E7A7E-7111-4C89-8EBD-080B0A3E069C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83003054-E458-4405-BA7F-A5EA415D296A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F58B1C42-9150-48C9-9203-A2466FC61261",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD5DA69-09D9-436A-8FC1-A46626DE2789",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A9CD4D-4659-402D-BDF8-E5EF86449641",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D753638-4BE8-4BF5-A083-F8360003869D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B875911-E742-427B-AE07-C8A5955DEA62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0E31D5-9F1D-46EC-824F-352A0098944B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8AD0767-C42B-4BAC-B90C-F4412B661D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D409BDF3-9F35-4D94-9DF0-7B58A519A005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del programa NX-OS de Cisco podr\u00eda permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo Linux subyacente con el nivel de privilegio de ra\u00edz. La vulnerabilidad es debido a una insuficiente validaci\u00f3n de los argumentos pasados ??a un comando CLI espec\u00edfico en el dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podr\u00eda permitir al atacante realizar comandos arbitrarios sobre el sistema operativo Linux subyacente con elevados privilegios . Un atacante necesitar\u00eda credenciales de administrador v\u00e1lidas para aprovechar esta vulnerabilidad."
}
],
"id": "CVE-2019-1770",
"lastModified": "2024-11-21T04:37:20.330",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 3.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-15T20:29:00.820",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108376"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108376"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1770"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2019-1890
Vulnerability from cvelistv5
Published
2019-07-04 20:00
Modified
2024-11-21 19:20
Severity ?
EPSS score ?
Summary
A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. The vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a malicious LLDP packet on the adjacent subnet to the Cisco Nexus 9000 Series Switch in ACI mode. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/109052 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS System Software in ACI Mode 11.0.1b |
Version: unspecified < 14.1(2g) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:35:51.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190703 Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass"
},
{
"name": "109052",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/109052"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1890",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:57:57.191653Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:20:08.670Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS System Software in ACI Mode 11.0.1b",
"vendor": "Cisco",
"versions": [
{
"lessThan": "14.1(2g)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-07-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. The vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a malicious LLDP packet on the adjacent subnet to the Cisco Nexus 9000 Series Switch in ACI mode. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-05T13:06:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190703 Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass"
},
{
"name": "109052",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/109052"
}
],
"source": {
"advisory": "cisco-sa-20190703-n9kaci-bypass",
"defect": [
[
"CSCvp64280"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-07-03T16:00:00-0700",
"ID": "CVE-2019-1890",
"STATE": "PUBLIC",
"TITLE": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS System Software in ACI Mode 11.0.1b",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "14.1(2g)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. The vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a malicious LLDP packet on the adjacent subnet to the Cisco Nexus 9000 Series Switch in ACI mode. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.4",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190703 Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass"
},
{
"name": "109052",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/109052"
}
]
},
"source": {
"advisory": "cisco-sa-20190703-n9kaci-bypass",
"defect": [
[
"CSCvp64280"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1890",
"datePublished": "2019-07-04T20:00:28.607785Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:20:08.670Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1775
Vulnerability from cvelistv5
Published
2019-05-15 19:30
Modified
2024-11-20 17:21
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108371 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774, CVE-2019-1775)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775"
},
{
"name": "108371",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108371"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1775",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:54:50.369148Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:21:23.923Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-17T16:06:13",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774, CVE-2019-1775)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775"
},
{
"name": "108371",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108371"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1774-1775",
"defect": [
[
"CSCvh75895",
"CSCvh75909",
"CSCvh75968",
"CSCvh75976",
"CSCvi92256",
"CSCvi92258",
"CSCvi92260",
"CSCvi99195",
"CSCvi99197",
"CSCvi99198"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1775",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774, CVE-2019-1775)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775"
},
{
"name": "108371",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108371"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1774-1775",
"defect": [
[
"CSCvh75895",
"CSCvh75909",
"CSCvh75968",
"CSCvh75976",
"CSCvi92256",
"CSCvi92258",
"CSCvi92260",
"CSCvi99195",
"CSCvi99197",
"CSCvi99198"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1775",
"datePublished": "2019-05-15T19:30:33.009046Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:21:23.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1790
Vulnerability from cvelistv5
Published
2019-05-15 20:05
Modified
2024-11-20 17:20
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108383 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790"
},
{
"name": "108383",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108383"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1790",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:54:42.195367Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:20:35.731Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-20T14:06:09",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790"
},
{
"name": "108383",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108383"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1790",
"defect": [
[
"CSCvh20096",
"CSCvh20112",
"CSCvi96504",
"CSCvi96509",
"CSCvi96510"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1790",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790"
},
{
"name": "108383",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108383"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1790",
"defect": [
[
"CSCvh20096",
"CSCvh20112",
"CSCvi96504",
"CSCvi96509",
"CSCvi96510"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1790",
"datePublished": "2019-05-15T20:05:14.522885Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:20:35.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1791
Vulnerability from cvelistv5
Published
2019-05-15 20:15
Modified
2024-11-20 17:19
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1791 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108390 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.852Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1791"
},
{
"name": "108390",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108390"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1791",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:54:36.029423Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:19:55.964Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-21T09:06:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1791"
},
{
"name": "108390",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108390"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1791",
"defect": [
[
"CSCvj63270",
"CSCvj63667",
"CSCvk50873",
"CSCvk50876",
"CSCvk50889"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1791",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1791"
},
{
"name": "108390",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108390"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1791",
"defect": [
[
"CSCvj63270",
"CSCvj63667",
"CSCvk50873",
"CSCvk50876",
"CSCvk50889"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1791",
"datePublished": "2019-05-15T20:15:27.487532Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:19:55.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1812
Vulnerability from cvelistv5
Published
2019-05-15 22:20
Modified
2024-11-20 17:19
Severity ?
EPSS score ?
Summary
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108425 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.875Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2"
},
{
"name": "108425",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108425"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1812",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:54:27.484714Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:19:07.317Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-23T08:06:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2"
},
{
"name": "108425",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108425"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-sisv2",
"defect": [
[
"CSCvj14093",
"CSCvj14106",
"CSCvj14182",
"CSCvk53125",
"CSCvk53227",
"CSCvk53256"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1812",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2"
},
{
"name": "108425",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108425"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-sisv2",
"defect": [
[
"CSCvj14093",
"CSCvj14106",
"CSCvj14182",
"CSCvk53125",
"CSCvk53227",
"CSCvk53256"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1812",
"datePublished": "2019-05-15T22:20:26.162102Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:19:07.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1776
Vulnerability from cvelistv5
Published
2019-05-15 19:30
Modified
2024-11-20 17:21
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108377 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776"
},
{
"name": "108377",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108377"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:54:52.088982Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:21:33.454Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-20T14:06:09",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776"
},
{
"name": "108377",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108377"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1776",
"defect": [
[
"CSCvh20076",
"CSCvh20081",
"CSCvi96429",
"CSCvi96431",
"CSCvi96432",
"CSCvi96433"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1776",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776"
},
{
"name": "108377",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108377"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1776",
"defect": [
[
"CSCvh20076",
"CSCvh20081",
"CSCvi96429",
"CSCvi96431",
"CSCvi96432",
"CSCvi96433"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1776",
"datePublished": "2019-05-15T19:30:23.065020Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:21:33.454Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1774
Vulnerability from cvelistv5
Published
2019-05-15 19:30
Modified
2024-11-20 17:21
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108371 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774, CVE-2019-1775)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775"
},
{
"name": "108371",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108371"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1774",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:54:48.896170Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:21:13.499Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-17T16:06:13",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774, CVE-2019-1775)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775"
},
{
"name": "108371",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108371"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1774-1775",
"defect": [
[
"CSCvh75895",
"CSCvh75909",
"CSCvh75968",
"CSCvh75976",
"CSCvi92256",
"CSCvi92258",
"CSCvi92260",
"CSCvi99195",
"CSCvi99197",
"CSCvi99198"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1774",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774, CVE-2019-1775)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775"
},
{
"name": "108371",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108371"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1774-1775",
"defect": [
[
"CSCvh75895",
"CSCvh75909",
"CSCvh75968",
"CSCvh75976",
"CSCvi92256",
"CSCvi92258",
"CSCvi92260",
"CSCvi99195",
"CSCvi99197",
"CSCvi99198"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1774",
"datePublished": "2019-05-15T19:30:40.907687Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:21:13.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1770
Vulnerability from cvelistv5
Published
2019-05-15 19:20
Modified
2024-11-21 19:26
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1770 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108376 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.721Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1770)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1770"
},
{
"name": "108376",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108376"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1770",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:58:35.875706Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:26:34.128Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-20T15:06:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1770)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1770"
},
{
"name": "108376",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108376"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1770",
"defect": [
[
"CSCvh75867",
"CSCvh75958",
"CSCvi92239",
"CSCvi92240",
"CSCvi92242",
"CSCvi92243",
"CSCvk36294"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1770",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.2",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1770)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1770"
},
{
"name": "108376",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108376"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1770",
"defect": [
[
"CSCvh75867",
"CSCvh75958",
"CSCvi92239",
"CSCvi92240",
"CSCvi92242",
"CSCvi92243",
"CSCvk36294"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1770",
"datePublished": "2019-05-15T19:20:25.203583Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:26:34.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1811
Vulnerability from cvelistv5
Published
2019-05-15 22:20
Modified
2024-11-20 17:18
Severity ?
EPSS score ?
Summary
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108425 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.875Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2"
},
{
"name": "108425",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108425"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1811",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:54:25.912653Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:18:58.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-23T08:06:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2"
},
{
"name": "108425",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108425"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-sisv2",
"defect": [
[
"CSCvj14093",
"CSCvj14106",
"CSCvj14182",
"CSCvk53125",
"CSCvk53227",
"CSCvk53256"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1811",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2"
},
{
"name": "108425",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108425"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-sisv2",
"defect": [
[
"CSCvj14093",
"CSCvj14106",
"CSCvj14182",
"CSCvk53125",
"CSCvk53227",
"CSCvk53256"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1811",
"datePublished": "2019-05-15T22:20:32.758700Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:18:58.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1615
Vulnerability from cvelistv5
Published
2019-03-11 22:00
Modified
2024-11-20 17:25
Severity ?
EPSS score ?
Summary
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability is due to improper verification of digital signatures for software images. An attacker could exploit this vulnerability by loading an unsigned software image on an affected device. A successful exploit could allow the attacker to boot a malicious software image. Note: The fix for this vulnerability requires a BIOS upgrade as part of the software upgrade. For additional information, see the Details section of this advisory. Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I7(5). Nexus 9000 Series Fabric Switches in ACI Mode are affected running software versions prior to 13.2(1l). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I7(5). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5).
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-sig-verif | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/107397 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Nexus 3000 Series Switches |
Version: unspecified < 7.0(3)I7(5) |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190306 Cisco NX-OS Software Image Signature Verification Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-sig-verif"
},
{
"name": "107397",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107397"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1615",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:55:34.892785Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:25:47.025Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Nexus 3000 Series Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)I7(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 9000 Series Fabric Switches in ACI Mode",
"vendor": "Cisco",
"versions": [
{
"lessThan": "13.2(1l)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 9000 Series Switches in Standalone NX-OS Mode",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)I7(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 9500 R-Series Line Cards and Fabric Modules",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)F3(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability is due to improper verification of digital signatures for software images. An attacker could exploit this vulnerability by loading an unsigned software image on an affected device. A successful exploit could allow the attacker to boot a malicious software image. Note: The fix for this vulnerability requires a BIOS upgrade as part of the software upgrade. For additional information, see the Details section of this advisory. Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I7(5). Nexus 9000 Series Fabric Switches in ACI Mode are affected running software versions prior to 13.2(1l). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I7(5). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5)."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-15T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190306 Cisco NX-OS Software Image Signature Verification Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-sig-verif"
},
{
"name": "107397",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107397"
}
],
"source": {
"advisory": "cisco-sa-20190306-nxos-sig-verif",
"defect": [
[
"CSCvj14135",
"CSCvk70903",
"CSCvk70905"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Image Signature Verification Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-06T16:00:00-0800",
"ID": "CVE-2019-1615",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software Image Signature Verification Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Nexus 3000 Series Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I7(5)"
}
]
}
},
{
"product_name": "Nexus 9000 Series Fabric Switches in ACI Mode",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "13.2(1l)"
}
]
}
},
{
"product_name": "Nexus 9000 Series Switches in Standalone NX-OS Mode",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I7(5)"
}
]
}
},
{
"product_name": "Nexus 9500 R-Series Line Cards and Fabric Modules",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)F3(5)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability is due to improper verification of digital signatures for software images. An attacker could exploit this vulnerability by loading an unsigned software image on an affected device. A successful exploit could allow the attacker to boot a malicious software image. Note: The fix for this vulnerability requires a BIOS upgrade as part of the software upgrade. For additional information, see the Details section of this advisory. Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I7(5). Nexus 9000 Series Fabric Switches in ACI Mode are affected running software versions prior to 13.2(1l). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I7(5). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5)."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190306 Cisco NX-OS Software Image Signature Verification Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-sig-verif"
},
{
"name": "107397",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107397"
}
]
},
"source": {
"advisory": "cisco-sa-20190306-nxos-sig-verif",
"defect": [
[
"CSCvj14135",
"CSCvk70903",
"CSCvk70905"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1615",
"datePublished": "2019-03-11T22:00:00Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:25:47.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1795
Vulnerability from cvelistv5
Published
2019-05-15 20:15
Modified
2024-11-20 17:20
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108479 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795"
},
{
"name": "108479",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108479"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1795",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:54:37.609624Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:20:05.520Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-28T16:06:05",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795"
},
{
"name": "108479",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108479"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1795",
"defect": [
[
"CSCvh20029",
"CSCvh20359",
"CSCvh66202",
"CSCvh66214",
"CSCvh66219",
"CSCvh66243",
"CSCvh66257",
"CSCvh66259",
"CSCvk30761"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco FXOS and NX-OS Software Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1795",
"STATE": "PUBLIC",
"TITLE": "Cisco FXOS and NX-OS Software Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795"
},
{
"name": "108479",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108479"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-cmdinj-1795",
"defect": [
[
"CSCvh20029",
"CSCvh20359",
"CSCvh66202",
"CSCvh66214",
"CSCvh66219",
"CSCvh66243",
"CSCvh66257",
"CSCvh66259",
"CSCvk30761"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1795",
"datePublished": "2019-05-15T20:15:17.287630Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:20:05.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1963
Vulnerability from cvelistv5
Published
2019-08-28 18:50
Modified
2024-11-21 19:15
Severity ?
EPSS score ?
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Unified Computing System (Managed) |
Version: unspecified < 8.4(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:35:51.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190828 Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1963",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:57:11.615078Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:15:22.318Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Computing System (Managed)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.4(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-28T18:50:15",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190828 Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos"
}
],
"source": {
"advisory": "cisco-sa-20190828-fxnxos-snmp-dos",
"defect": [
[
"CSCvn13270",
"CSCvn23529",
"CSCvn23531",
"CSCvn23532",
"CSCvn23534",
"CSCvn23535",
"CSCvn23536",
"CSCvn23537",
"CSCvn23538"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-08-28T16:00:00-0700",
"ID": "CVE-2019-1963",
"STATE": "PUBLIC",
"TITLE": "Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Unified Computing System (Managed)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.4(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.7",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190828 Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos"
}
]
},
"source": {
"advisory": "cisco-sa-20190828-fxnxos-snmp-dos",
"defect": [
[
"CSCvn13270",
"CSCvn23529",
"CSCvn23531",
"CSCvn23532",
"CSCvn23534",
"CSCvn23535",
"CSCvn23536",
"CSCvn23537",
"CSCvn23538"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1963",
"datePublished": "2019-08-28T18:50:15.502235Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:15:22.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1858
Vulnerability from cvelistv5
Published
2019-05-16 01:20
Modified
2024-11-19 19:07
Severity ?
EPSS score ?
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108358 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Firepower Extensible Operating System (FXOS) |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.870Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos"
},
{
"name": "108358",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108358"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1858",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:24:11.424585Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:07:01.018Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Firepower Extensible Operating System (FXOS)",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-17T07:06:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos"
},
{
"name": "108358",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108358"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-snmp-dos",
"defect": [
[
"CSCvc58707",
"CSCvd45657",
"CSCvn19457",
"CSCvn19463",
"CSCvn19464",
"CSCvn19465",
"CSCvn19468",
"CSCvn19483"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1858",
"STATE": "PUBLIC",
"TITLE": "Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Extensible Operating System (FXOS)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-snmp-dos"
},
{
"name": "108358",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108358"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-snmp-dos",
"defect": [
[
"CSCvc58707",
"CSCvd45657",
"CSCvn19457",
"CSCvn19463",
"CSCvn19464",
"CSCvn19465",
"CSCvn19468",
"CSCvn19483"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1858",
"datePublished": "2019-05-16T01:20:22.764484Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T19:07:01.018Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1613
Vulnerability from cvelistv5
Published
2019-03-11 22:00
Modified
2024-11-21 19:42
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. MDS 9000 Series Multilayer Switches are affected running software versions prior to 6.2(27) and 8.2(3). Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(6). Nexus 3500 Platform Switches are affected running software versions prior to 6.0(2)A8(11) and 7.0(3)I7(6). Nexus 3600 Platform Switches are affected running software versions prior to 7.0(3)F3(5). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I4(9), 7.0(3)I7(6). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5). Nexus 7000 and 7700 Series Switches are affected running software versions prior to 6.2(22) and 8.2(3).
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1613 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/107392 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Cisco | MDS 9000 Series Multilayer Switches |
Version: unspecified < 6.2(27) Version: unspecified < 8.2(3) |
||||||||||||||||||||||||
|
|||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190306 Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1613)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1613"
},
{
"name": "107392",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107392"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1613",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T19:00:04.816227Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:42:56.484Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MDS 9000 Series Multilayer Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "6.2(27)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "8.2(3)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 3000 Series Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)I4(9)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "7.0(3)I7(6)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 3500 Platform Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "6.0(2)A8(11)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "7.0(3)I7(6)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 3600 Platform Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)F3(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 9000 Series Switches in Standalone NX-OS Mode",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)I4(9)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "7.0(3)I7(6)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 9500 R-Series Line Cards and Fabric Modules",
"vendor": "Cisco",
"versions": [
{
"lessThan": "7.0(3)F3(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Nexus 7000 and 7700 Series Switches",
"vendor": "Cisco",
"versions": [
{
"lessThan": "6.2(22)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "8.2(3)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. MDS 9000 Series Multilayer Switches are affected running software versions prior to 6.2(27) and 8.2(3). Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(6). Nexus 3500 Platform Switches are affected running software versions prior to 6.0(2)A8(11) and 7.0(3)I7(6). Nexus 3600 Platform Switches are affected running software versions prior to 7.0(3)F3(5). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I4(9), 7.0(3)I7(6). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5). Nexus 7000 and 7700 Series Switches are affected running software versions prior to 6.2(22) and 8.2(3)."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-14T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190306 Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1613)",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1613"
},
{
"name": "107392",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107392"
}
],
"source": {
"advisory": "cisco-sa-20190306-nxos-cmdinj-1613",
"defect": [
[
"CSCvj63807",
"CSCvj65654",
"CSCvk50903",
"CSCvk50906"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1613)",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-06T16:00:00-0800",
"ID": "CVE-2019-1613",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1613)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MDS 9000 Series Multilayer Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "6.2(27)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.2(3)"
}
]
}
},
{
"product_name": "Nexus 3000 Series Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I4(9)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I7(6)"
}
]
}
},
{
"product_name": "Nexus 3500 Platform Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "6.0(2)A8(11)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I7(6)"
}
]
}
},
{
"product_name": "Nexus 3600 Platform Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)F3(5)"
}
]
}
},
{
"product_name": "Nexus 9000 Series Switches in Standalone NX-OS Mode",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I4(9)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)I7(6)"
}
]
}
},
{
"product_name": "Nexus 9500 R-Series Line Cards and Fabric Modules",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "7.0(3)F3(5)"
}
]
}
},
{
"product_name": "Nexus 7000 and 7700 Series Switches",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "6.2(22)"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.2(3)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. MDS 9000 Series Multilayer Switches are affected running software versions prior to 6.2(27) and 8.2(3). Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(6). Nexus 3500 Platform Switches are affected running software versions prior to 6.0(2)A8(11) and 7.0(3)I7(6). Nexus 3600 Platform Switches are affected running software versions prior to 7.0(3)F3(5). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I4(9), 7.0(3)I7(6). Nexus 9500 R-Series Line Cards and Fabric Modules are affected running software versions prior to 7.0(3)F3(5). Nexus 7000 and 7700 Series Switches are affected running software versions prior to 6.2(22) and 8.2(3)."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.2",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190306 Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1613)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1613"
},
{
"name": "107392",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107392"
}
]
},
"source": {
"advisory": "cisco-sa-20190306-nxos-cmdinj-1613",
"defect": [
[
"CSCvj63807",
"CSCvj65654",
"CSCvk50903",
"CSCvk50906"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1613",
"datePublished": "2019-03-11T22:00:00Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:42:56.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1813
Vulnerability from cvelistv5
Published
2019-05-15 22:20
Modified
2024-11-20 17:19
Severity ?
EPSS score ?
Summary
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108425 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190515 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2"
},
{
"name": "108425",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108425"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1813",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:54:29.095234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:19:18.285Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "8.3(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-23T08:06:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190515 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2"
},
{
"name": "108425",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108425"
}
],
"source": {
"advisory": "cisco-sa-20190515-nxos-sisv2",
"defect": [
[
"CSCvj14093",
"CSCvj14106",
"CSCvj14182",
"CSCvk53125",
"CSCvk53227",
"CSCvk53256"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS CLI Command Software Image Signature Verification Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-15T16:00:00-0700",
"ID": "CVE-2019-1813",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS CLI Command Software Image Signature Verification Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "8.3(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190515 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2"
},
{
"name": "108425",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108425"
}
]
},
"source": {
"advisory": "cisco-sa-20190515-nxos-sisv2",
"defect": [
[
"CSCvj14093",
"CSCvj14106",
"CSCvj14182",
"CSCvk53125",
"CSCvk53227",
"CSCvk53256"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1813",
"datePublished": "2019-05-15T22:20:16.342103Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:19:18.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}