Details of VAR-201903-0588

ID

VAR-201903-0588

CVE

CVE-2019-1585

TITLE

Cisco Nexus 9000 series ACI Mode Switch Software configuration vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-002416

DESCRIPTION

A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers files for the bashroot component on an affected device. An attacker could exploit this vulnerability by authenticating to the affected device with a crafted user ID, which may allow temporary administrative access to escalate privileges. A successful exploit could allow the attacker to escalate privileges on an affected device. This Vulnerability has been fixed in version 4.0(1h). The Cisco Nexus 9000 Series Switches are modular and fixed-port network switches designed for data centers. This issue is tracked by Cisco Bug ID CSCvn09838

Trust: 2.52

sources: NVD: CVE-2019-1585 // JVNDB: JVNDB-2019-002416 // CNVD: CNVD-2019-06596 // BID: 107312 // VULHUB: VHN-147937

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-06596

AFFECTED PRODUCTS

vendor:	cisco	model:	nx-os	scope:	eq	version:	8.3\(0\)sk\(0.39\)	Trust: 1.0
vendor:	cisco	model:	application policy infrastructure controller software	scope:	lte	version:	4.0\(1h\)	Trust: 1.0
vendor:	cisco	model:	application policy infrastructure controller software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus none	scope:	eq	version:	9000	Trust: 0.6
vendor:	cisco	model:	nexus series switches 8.3 sk	scope:	eq	version:	9000	Trust: 0.3
vendor:	cisco	model:	nexus series switches 4.0	scope:	ne	version:	9000	Trust: 0.3

sources: CNVD: CNVD-2019-06596 // BID: 107312 // JVNDB: JVNDB-2019-002416 // NVD: CVE-2019-1585

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1585
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1585
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-1585
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2019-06596
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201903-167
value:	HIGH
Trust: 0.6
VULHUB:	VHN-147937
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-1585
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2019-06596
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-147937
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-1585
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8
ykramarz@cisco.com:	CVE-2019-1585
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.0
Trust: 1.0

sources: CNVD: CNVD-2019-06596 // VULHUB: VHN-147937 // JVNDB: JVNDB-2019-002416 // CNNVD: CNNVD-201903-167 // NVD: CVE-2019-1585 // NVD: CVE-2019-1585

PROBLEMTYPE DATA

problemtype:

CWE-16

Trust: 1.9

sources: VULHUB: VHN-147937 // JVNDB: JVNDB-2019-002416 // NVD: CVE-2019-1585

THREAT TYPE

local

Trust: 0.9

sources: BID: 107312 // CNNVD: CNNVD-201903-167

TYPE

configuration error

Trust: 0.6

sources: CNNVD: CNNVD-201903-167

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-002416

PATCH

title:	cisco-sa-20190306-aci-controller-privsec	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec	Trust: 0.8
title:	Patch for Cisco Nexus 9000 ACI Mode Privilege Escalation Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/155557	Trust: 0.6
title:	Cisco Nexus 9000 Series ACI Mode Switch Software Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89842	Trust: 0.6

sources: CNVD: CNVD-2019-06596 // JVNDB: JVNDB-2019-002416 // CNNVD: CNNVD-201903-167

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1585	Trust: 3.4
db:	BID	id:	107312	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-002416	Trust: 0.8
db:	CNNVD	id:	CNNVD-201903-167	Trust: 0.7
db:	CNVD	id:	CNVD-2019-06596	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.0715	Trust: 0.6
db:	VULHUB	id:	VHN-147937	Trust: 0.1

sources: CNVD: CNVD-2019-06596 // VULHUB: VHN-147937 // BID: 107312 // JVNDB: JVNDB-2019-002416 // CNNVD: CNNVD-201903-167 // NVD: CVE-2019-1585

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190306-aci-controller-privsec	Trust: 2.6
url:	http://www.securityfocus.com/bid/107312	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1585	Trust: 1.4
url:	http://www.cisco.com	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1585	Trust: 0.8
url:	https://vigilance.fr/vulnerability/cisco-nx-os-nexus-multiple-vulnerabilities-28681	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/76638	Trust: 0.6

sources: CNVD: CNVD-2019-06596 // VULHUB: VHN-147937 // BID: 107312 // JVNDB: JVNDB-2019-002416 // CNNVD: CNNVD-201903-167 // NVD: CVE-2019-1585

CREDITS

Octav Opaschi with DETACK GmbH .

Trust: 0.6

sources: CNNVD: CNNVD-201903-167

SOURCES

db:	CNVD	id:	CNVD-2019-06596
db:	VULHUB	id:	VHN-147937
db:	BID	id:	107312
db:	JVNDB	id:	JVNDB-2019-002416
db:	CNNVD	id:	CNNVD-201903-167
db:	NVD	id:	CVE-2019-1585

LAST UPDATE DATE

2024-11-23T23:04:49.612000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-06596	date:	2019-03-08T00:00:00
db:	VULHUB	id:	VHN-147937	date:	2019-10-09T00:00:00
db:	BID	id:	107312	date:	2019-03-06T00:00:00
db:	JVNDB	id:	JVNDB-2019-002416	date:	2019-04-09T00:00:00
db:	CNNVD	id:	CNNVD-201903-167	date:	2019-04-01T00:00:00
db:	NVD	id:	CVE-2019-1585	date:	2024-11-21T04:36:51.620

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-06596	date:	2019-03-06T00:00:00
db:	VULHUB	id:	VHN-147937	date:	2019-03-06T00:00:00
db:	BID	id:	107312	date:	2019-03-06T00:00:00
db:	JVNDB	id:	JVNDB-2019-002416	date:	2019-04-09T00:00:00
db:	CNNVD	id:	CNNVD-201903-167	date:	2019-03-06T00:00:00
db:	NVD	id:	CVE-2019-1585	date:	2019-03-06T21:29:00.323