Details of VAR-201903-0543

ID

VAR-201903-0543

CVE

CVE-2019-1605

TITLE

Cisco NX-OS Software input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-002419

DESCRIPTION

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary code as root. The vulnerability is due to incorrect input validation in the NX-API feature. An attacker could exploit this vulnerability by sending a crafted HTTP or HTTPS request to an internal service on an affected device that has the NX-API feature enabled. A successful exploit could allow the attacker to cause a buffer overflow and execute arbitrary code as root. Note: The NX-API feature is disabled by default. MDS 9000 Series Multilayer Switches are affected in versions prior to 8.1(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I4(8) and 7.0(3)I7(1). Nexus 3500 Platform Switches are affected in versions prior to 6.0(2)A8(8). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5). Nexus 2000, 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.3(2)N1(1). Nexus 7000 and 7700 Series Switches are affected in versions prior to 7.3(3)D1(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I4(8) and 7.0(3)I7(1). Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5). Cisco NX-OS The software contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This issue is being tracked by Cisco Bug IDs CSCvh77526, CSCvi99224, CSCvi99225, CSCvi99227 and CSCvi99228

Trust: 1.98

sources: NVD: CVE-2019-1605 // JVNDB: JVNDB-2019-002419 // BID: 107313 // VULHUB: VHN-148157

AFFECTED PRODUCTS

vendor:	cisco	model:	nx-os	scope:	lt	version:	8.1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	lt	version:	7.0\(3\)i4\(8\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	gte	version:	7.0\(3\)i5	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	lt	version:	7.0\(3\)i7\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	lt	version:	7.3\(2\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	gte	version:	7.3	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	gte	version:	7.0\(3\)f3	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	gte	version:	7.2	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	gte	version:	7.0\(3\)f1	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	lt	version:	6.0\(2\)a8\(8\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	lt	version:	7.0\(3\)f3\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	lt	version:	7.3\(3\)d1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os 7.0 i4	scope:	-	version:	-	Trust: 0.9
vendor:	cisco	model:	nx-os	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os 7.0 i7	scope:	ne	version:	-	Trust: 0.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.2	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i6	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i5	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 f1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nexus r-series line cards and fabric modules	scope:	eq	version:	95000	Trust: 0.3
vendor:	cisco	model:	nexus series switches standalone nx-os mode	scope:	eq	version:	9000-0	Trust: 0.3
vendor:	cisco	model:	nexus series switches 7.0 ihd8	scope:	eq	version:	9000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	77000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	70000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	60000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	56000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	55000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	36000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	35000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	30000	Trust: 0.3
vendor:	cisco	model:	nexus series fabric extenders	scope:	eq	version:	20000	Trust: 0.3
vendor:	cisco	model:	mds series multilayer switches	scope:	eq	version:	90000	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	ne	version:	9.2(1)	Trust: 0.3
vendor:	cisco	model:	nx-os 7.3 d1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.3 n1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 f3	scope:	ne	version:	-	Trust: 0.3

sources: BID: 107313 // JVNDB: JVNDB-2019-002419 // NVD: CVE-2019-1605

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1605
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1605
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-1605
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201903-172
value:	HIGH
Trust: 0.6
VULHUB:	VHN-148157
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-1605
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-148157
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

ykramarz@cisco.com:	CVE-2019-1605
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2019-1605
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-148157 // JVNDB: JVNDB-2019-002419 // CNNVD: CNNVD-201903-172 // NVD: CVE-2019-1605 // NVD: CVE-2019-1605

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.9
problemtype:	CWE-119	Trust: 1.1

sources: VULHUB: VHN-148157 // JVNDB: JVNDB-2019-002419 // NVD: CVE-2019-1605

THREAT TYPE

local

Trust: 0.9

sources: BID: 107313 // CNNVD: CNNVD-201903-172

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201903-172

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-002419

PATCH

title:	cisco-sa-20190306-nx-os-api-ex	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-api-ex	Trust: 0.8
title:	Cisco NX-OS Software Enter the fix for the verification vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89845	Trust: 0.6

sources: JVNDB: JVNDB-2019-002419 // CNNVD: CNNVD-201903-172

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1605	Trust: 2.8
db:	BID	id:	107313	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-002419	Trust: 0.8
db:	NSFOCUS	id:	42878	Trust: 0.6
db:	CNNVD	id:	CNNVD-201903-172	Trust: 0.6
db:	VULHUB	id:	VHN-148157	Trust: 0.1

sources: VULHUB: VHN-148157 // BID: 107313 // JVNDB: JVNDB-2019-002419 // CNNVD: CNNVD-201903-172 // NVD: CVE-2019-1605

REFERENCES

url:	http://www.securityfocus.com/bid/107313	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190306-nxos-api-ex	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1605	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190306-nx-os-api-ex#fs	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1605	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/42878	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-nx-os-nexus-multiple-vulnerabilities-28681	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190306-nx-os-api-ex	Trust: 0.6

sources: VULHUB: VHN-148157 // BID: 107313 // JVNDB: JVNDB-2019-002419 // CNNVD: CNNVD-201903-172 // NVD: CVE-2019-1605

CREDITS

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.,Cisco,vendor ?? ??

Trust: 0.6

sources: CNNVD: CNNVD-201903-172

SOURCES

db:	VULHUB	id:	VHN-148157
db:	BID	id:	107313
db:	JVNDB	id:	JVNDB-2019-002419
db:	CNNVD	id:	CNNVD-201903-172
db:	NVD	id:	CVE-2019-1605

LAST UPDATE DATE

2024-08-14T15:38:59.852000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-148157	date:	2020-10-05T00:00:00
db:	BID	id:	107313	date:	2019-03-06T00:00:00
db:	JVNDB	id:	JVNDB-2019-002419	date:	2019-04-09T00:00:00
db:	CNNVD	id:	CNNVD-201903-172	date:	2020-10-09T00:00:00
db:	NVD	id:	CVE-2019-1605	date:	2020-10-05T19:48:45.577

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-148157	date:	2019-03-08T00:00:00
db:	BID	id:	107313	date:	2019-03-06T00:00:00
db:	JVNDB	id:	JVNDB-2019-002419	date:	2019-04-09T00:00:00
db:	CNNVD	id:	CNNVD-201903-172	date:	2019-03-06T00:00:00
db:	NVD	id:	CVE-2019-1605	date:	2019-03-08T20:29:00.340