var-201908-0840
Vulnerability from variot
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name. Cisco NX-OS The software contains vulnerabilities related to authorization, permissions, and access control.Information may be tampered with. Cisco NX-OS Software is a data center-level operating system software used by a set of switches of Cisco. The following products and versions are affected: Cisco Nexus 3000 Series Switches; Nexus 3500 Platform Switches; Nexus 3600 Platform Switches; Nexus 9000 Series Switches (standalone NX-OS mode); Nexus 9500 R-Series Switching Platform
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0840", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "nx-os", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.0\\(3\\)i7\\(3\\)" }, { "model": "nx-os", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.0\\(3\\)f" }, { "model": "nx-os", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "9.2\\(2\\)" }, { "model": "nx-os", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "9.2" }, { "model": "nx-os", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-008864" }, { "db": "NVD", "id": "CVE-2019-1969" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:nx-os:9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-1969" } ] }, "cve": "CVE-2019-1969", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2019-1969", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "VHN-152161", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "impactScore": 1.4, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "ykramarz@cisco.com", "availabilityImpact": "NONE", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "impactScore": 1.4, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.3, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2019-1969", "impactScore": null, "integrityImpact": "Low", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2019-1969", "trust": 1.8, "value": "MEDIUM" }, { "author": "ykramarz@cisco.com", "id": "CVE-2019-1969", "trust": 1.0, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201908-2143", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-152161", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2019-1969", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-152161" }, { "db": "VULMON", "id": "CVE-2019-1969" }, { "db": "JVNDB", "id": "JVNDB-2019-008864" }, { "db": "NVD", "id": "CVE-2019-1969" }, { "db": "NVD", "id": "CVE-2019-1969" }, { "db": "CNNVD", "id": "CNNVD-201908-2143" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name. Cisco NX-OS The software contains vulnerabilities related to authorization, permissions, and access control.Information may be tampered with. Cisco NX-OS Software is a data center-level operating system software used by a set of switches of Cisco. The following products and versions are affected: Cisco Nexus 3000 Series Switches; Nexus 3500 Platform Switches; Nexus 3600 Platform Switches; Nexus 9000 Series Switches (standalone NX-OS mode); Nexus 9500 R-Series Switching Platform", "sources": [ { "db": "NVD", "id": "CVE-2019-1969" }, { "db": "JVNDB", "id": "JVNDB-2019-008864" }, { "db": "VULHUB", "id": "VHN-152161" }, { "db": "VULMON", "id": "CVE-2019-1969" } ], "trust": 1.8 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-1969", "trust": 2.6 }, { "db": "JVNDB", "id": "JVNDB-2019-008864", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201908-2143", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2019.3276.2", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.3276", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-152161", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2019-1969", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-152161" }, { "db": "VULMON", "id": "CVE-2019-1969" }, { "db": "JVNDB", "id": "JVNDB-2019-008864" }, { "db": "NVD", "id": "CVE-2019-1969" }, { "db": "CNNVD", "id": "CNNVD-201908-2143" } ] }, "id": "VAR-201908-0840", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-152161" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:28:00.214000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20190828-nxos-snmp-bypass", "trust": 0.8, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-snmp-bypass" }, { "title": "Cisco\u00a0NX-OS Software Fixes for permissions and access control issues vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=97631" }, { "title": "Cisco: Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20190828-nxos-snmp-bypass" } ], "sources": [ { "db": "VULMON", "id": "CVE-2019-1969" }, { "db": "JVNDB", "id": "JVNDB-2019-008864" }, { "db": "CNNVD", "id": "CNNVD-201908-2143" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.1 }, { "problemtype": "CWE-264", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-152161" }, { "db": "JVNDB", "id": "JVNDB-2019-008864" }, { "db": "NVD", "id": "CVE-2019-1969" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.9, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-snmp-bypass" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-1969" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1969" }, { "trust": 0.6, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-memleak-dos" }, { "trust": 0.6, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-ntp-dos" }, { "trust": 0.6, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-api-dos" }, { "trust": 0.6, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-ipv6-dos" }, { "trust": 0.6, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-fsip-dos" }, { "trust": 0.6, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-fxnxos-snmp-dos" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.3276.2/" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/cisco-nx-os-information-disclosure-via-snmp-acl-bypass-30192" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.3276/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/20.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULHUB", "id": "VHN-152161" }, { "db": "VULMON", "id": "CVE-2019-1969" }, { "db": "JVNDB", "id": "JVNDB-2019-008864" }, { "db": "NVD", "id": "CVE-2019-1969" }, { "db": "CNNVD", "id": "CNNVD-201908-2143" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-152161" }, { "db": "VULMON", "id": "CVE-2019-1969" }, { "db": "JVNDB", "id": "JVNDB-2019-008864" }, { "db": "NVD", "id": "CVE-2019-1969" }, { "db": "CNNVD", "id": "CNNVD-201908-2143" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-30T00:00:00", "db": "VULHUB", "id": "VHN-152161" }, { "date": "2019-08-30T00:00:00", "db": "VULMON", "id": "CVE-2019-1969" }, { "date": "2019-09-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-008864" }, { "date": "2019-08-30T09:15:20.443000", "db": "NVD", "id": "CVE-2019-1969" }, { "date": "2019-08-28T00:00:00", "db": "CNNVD", "id": "CNNVD-201908-2143" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-10-16T00:00:00", "db": "VULHUB", "id": "VHN-152161" }, { "date": "2020-10-16T00:00:00", "db": "VULMON", "id": "CVE-2019-1969" }, { "date": "2019-09-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-008864" }, { "date": "2020-10-16T14:11:35.303000", "db": "NVD", "id": "CVE-2019-1969" }, { "date": "2020-10-21T00:00:00", "db": "CNNVD", "id": "CNNVD-201908-2143" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201908-2143" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco NX-OS Vulnerability related to authorization, authority, and access control in software", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-008864" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201908-2143" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.