Details of VAR-201903-0540

ID

VAR-201903-0540

CVE

CVE-2019-1602

TITLE

Cisco NX-OS Vulnerability related to authorization, authority, and access control in software

Trust: 0.8

sources: JVNDB: JVNDB-2019-002466

DESCRIPTION

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator. The vulnerability is due to improper implementation of filesystem permissions. An attacker could exploit this vulnerability by logging in to the CLI of an affected device, accessing a specific file, and leveraging this information to authenticate to the NX-API server. A successful exploit could allow an attacker to make configuration changes as administrator. Note: NX-API is disabled by default. Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5). Nexus 9000 Series Switches-Standalone are affected in versions prior to 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5). Cisco NX-OS The software contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco NX-OS Software is prone to local insecure file-permissions vulnerability. A local attacker can exploit this issue to gain elevated privileges on an affected system. This issue is being tracked by Cisco bug ID CSCvj59009 and CSCvk70659

Trust: 1.98

sources: NVD: CVE-2019-1602 // JVNDB: JVNDB-2019-002466 // BID: 107332 // VULHUB: VHN-148124

AFFECTED PRODUCTS

vendor:	cisco	model:	nx-os	scope:	gte	version:	7.0\(3\)f1	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	gte	version:	7.0\(3\)i5	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	lt	version:	7.0\(3\)i7\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	gte	version:	7.0\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	gte	version:	7.0\(3\)f3	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	lt	version:	7.0\(3\)f3\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	9.2(1)	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	9.2	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i7	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i6	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i5	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 f3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 f2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 f1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	nexus r-series line cards and fabric modules	scope:	eq	version:	95000	Trust: 0.3
vendor:	cisco	model:	nexus series switches in standalone nx-os mode	scope:	eq	version:	90000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	36000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	35000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	30000	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	ne	version:	9.2(2)	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i7	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 f3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 6.0 a8	scope:	ne	version:	-	Trust: 0.3

sources: BID: 107332 // JVNDB: JVNDB-2019-002466 // NVD: CVE-2019-1602

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1602
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1602
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-1602
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201903-181
value:	HIGH
Trust: 0.6
VULHUB:	VHN-148124
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-1602
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-148124
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

ykramarz@cisco.com:	CVE-2019-1602
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2019-1602
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-148124 // JVNDB: JVNDB-2019-002466 // CNNVD: CNNVD-201903-181 // NVD: CVE-2019-1602 // NVD: CVE-2019-1602

PROBLEMTYPE DATA

problemtype:	CWE-264	Trust: 1.9
problemtype:	NVD-CWE-Other	Trust: 1.0

sources: VULHUB: VHN-148124 // JVNDB: JVNDB-2019-002466 // NVD: CVE-2019-1602

THREAT TYPE

local

Trust: 0.9

sources: BID: 107332 // CNNVD: CNNVD-201903-181

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201903-181

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-002466

PATCH

title:	cisco-sa-20190306-nxos-escalation	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-escalation	Trust: 0.8
title:	Cisco NX-OS Software Fixes for permission permissions and access control vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89853	Trust: 0.6

sources: JVNDB: JVNDB-2019-002466 // CNNVD: CNNVD-201903-181

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1602	Trust: 2.8
db:	BID	id:	107332	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-002466	Trust: 0.8
db:	CNNVD	id:	CNNVD-201903-181	Trust: 0.7
db:	VULHUB	id:	VHN-148124	Trust: 0.1

sources: VULHUB: VHN-148124 // BID: 107332 // JVNDB: JVNDB-2019-002466 // CNNVD: CNNVD-201903-181 // NVD: CVE-2019-1602

REFERENCES

url:	http://www.securityfocus.com/bid/107332	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190306-nxos-escalation	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1602	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1602	Trust: 0.8
url:	https://vigilance.fr/vulnerability/cisco-nx-os-nexus-multiple-vulnerabilities-28681	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-148124 // BID: 107332 // JVNDB: JVNDB-2019-002466 // CNNVD: CNNVD-201903-181 // NVD: CVE-2019-1602

CREDITS

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Trust: 0.6

sources: CNNVD: CNNVD-201903-181

SOURCES

db:	VULHUB	id:	VHN-148124
db:	BID	id:	107332
db:	JVNDB	id:	JVNDB-2019-002466
db:	CNNVD	id:	CNNVD-201903-181
db:	NVD	id:	CVE-2019-1602

LAST UPDATE DATE

2024-08-14T15:18:06.381000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-148124	date:	2020-10-08T00:00:00
db:	BID	id:	107332	date:	2019-03-06T00:00:00
db:	JVNDB	id:	JVNDB-2019-002466	date:	2019-04-09T00:00:00
db:	CNNVD	id:	CNNVD-201903-181	date:	2020-10-09T00:00:00
db:	NVD	id:	CVE-2019-1602	date:	2020-10-08T19:44:28.257

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-148124	date:	2019-03-08T00:00:00
db:	BID	id:	107332	date:	2019-03-06T00:00:00
db:	JVNDB	id:	JVNDB-2019-002466	date:	2019-04-09T00:00:00
db:	CNNVD	id:	CNNVD-201903-181	date:	2019-03-06T00:00:00
db:	NVD	id:	CVE-2019-1602	date:	2019-03-08T19:29:00.327