ID

VAR-201905-0241


CVE

CVE-2019-1727


TITLE

Cisco NX-OS Vulnerability related to authorization, authority, and access control in software

Trust: 0.8

sources: JVNDB: JVNDB-2019-004597

DESCRIPTION

A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and issue arbitrary commands to elevate the attacker's privilege level. The vulnerability is due to insufficient sanitization of user-supplied parameters that are passed to certain Python functions in the scripting sandbox of the affected device. An attacker could exploit this vulnerability to escape the scripting sandbox and execute arbitrary commands to elevate the attacker's privilege level. To exploit this vulnerability, the attacker must have local access and be authenticated to the targeted device with administrative or Python execution privileges. These requirements could limit the possibility of a successful exploit. Cisco NX-OS The software contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco NX-OS Software for Nexus Series Switches is prone to a local privilege-escalation vulnerability. Local attackers may exploit this issue to gain elevated privileges. This issue is being tracked by Cisco Bug IDs CSCvh24788, CSCvi99282, CSCvi99284, CSCvi99288. Cisco MDS 9000 Series Multilayer Switches is a MDS 9000 series multilayer switch. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products

Trust: 1.98

sources: NVD: CVE-2019-1727 // JVNDB: JVNDB-2019-004597 // BID: 108341 // VULHUB: VHN-149499

AFFECTED PRODUCTS

vendor:ciscomodel:nx-osscope:gteversion:8.0

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.0\(3\)i4\(8\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:7.0\(3\)i5

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.3\(4\)n1\(1\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:7.0\(3\)i4

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:7.3

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:6.2

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:5.2

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.0\(3\)i7\(3\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:8.3\(1\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:8.1\(1b\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:8.2

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.3\(3\)d1\(1\)

Trust: 1.0

vendor:ciscomodel:nx-osscope: - version: -

Trust: 0.8

vendor:ciscomodel:nx-osscope:eqversion:8.3

Trust: 0.3

vendor:ciscomodel:nx-osscope:eqversion:8.2

Trust: 0.3

vendor:ciscomodel:nx-osscope:eqversion:8.1

Trust: 0.3

vendor:ciscomodel:nx-osscope:eqversion:8.0

Trust: 0.3

vendor:ciscomodel:nx-osscope:eqversion:7.3

Trust: 0.3

vendor:ciscomodel:nx-osscope:eqversion:7.2

Trust: 0.3

vendor:ciscomodel:nx-osscope:eqversion:7.1

Trust: 0.3

vendor:ciscomodel:nx-os 7.0 i7scope: - version: -

Trust: 0.3

vendor:ciscomodel:nx-os 7.0 i6scope: - version: -

Trust: 0.3

vendor:ciscomodel:nx-os 7.0 i5scope: - version: -

Trust: 0.3

vendor:ciscomodel:nx-os 7.0 i4scope: - version: -

Trust: 0.3

vendor:ciscomodel:nx-osscope:eqversion:7.0(3)

Trust: 0.3

vendor:ciscomodel:nx-osscope:eqversion:7

Trust: 0.3

vendor:ciscomodel:nx-osscope:eqversion:6.2

Trust: 0.3

vendor:ciscomodel:nx-osscope:eqversion:5.2

Trust: 0.3

vendor:ciscomodel:nexus r-series switching platformscope:eqversion:95000

Trust: 0.3

vendor:ciscomodel:nexus series switches in standalone nx-os modescope:eqversion:90000

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:eqversion:77000

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:eqversion:70000

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:eqversion:60000

Trust: 0.3

vendor:ciscomodel:nexus platform switchesscope:eqversion:56000

Trust: 0.3

vendor:ciscomodel:nexus platform switchesscope:eqversion:55000

Trust: 0.3

vendor:ciscomodel:nexus platform switchesscope:eqversion:36000

Trust: 0.3

vendor:ciscomodel:nexus platform switchesscope:eqversion:35000

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:eqversion:30000

Trust: 0.3

vendor:ciscomodel:mds series multilayer switchesscope:eqversion:90000

Trust: 0.3

vendor:ciscomodel:nx-osscope:neversion:8.3(1)

Trust: 0.3

vendor:ciscomodel:nx-os 8.1scope:neversion: -

Trust: 0.3

vendor:ciscomodel:nx-os 7.3 n1scope:neversion: -

Trust: 0.3

vendor:ciscomodel:nx-os 7.3 d1scope:neversion: -

Trust: 0.3

vendor:ciscomodel:nx-os 7.0 i7scope:neversion: -

Trust: 0.3

vendor:ciscomodel:nx-os 7.0 i4scope:neversion: -

Trust: 0.3

vendor:ciscomodel:nx-os 7.0 f3scope:neversion: -

Trust: 0.3

sources: BID: 108341 // JVNDB: JVNDB-2019-004597 // NVD: CVE-2019-1727

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1727
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1727
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1727
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201905-641
value: MEDIUM

Trust: 0.6

VULHUB: VHN-149499
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-1727
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-149499
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1727
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1727
baseSeverity: MEDIUM
baseScore: 4.2
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 0.8
impactScore: 3.4
version: 3.0

Trust: 1.0

NVD: CVE-2019-1727
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-149499 // JVNDB: JVNDB-2019-004597 // CNNVD: CNNVD-201905-641 // NVD: CVE-2019-1727 // NVD: CVE-2019-1727

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

problemtype:CWE-78

Trust: 1.1

sources: VULHUB: VHN-149499 // JVNDB: JVNDB-2019-004597 // NVD: CVE-2019-1727

THREAT TYPE

local

Trust: 0.9

sources: BID: 108341 // CNNVD: CNNVD-201905-641

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201905-641

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004597

PATCH

title:cisco-sa-20190515-nxos-pyth-escalurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-pyth-escal

Trust: 0.8

title:Cisco NX-OS Software Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92767

Trust: 0.6

sources: JVNDB: JVNDB-2019-004597 // CNNVD: CNNVD-201905-641

EXTERNAL IDS

db:NVDid:CVE-2019-1727

Trust: 2.8

db:BIDid:108341

Trust: 2.0

db:JVNDBid:JVNDB-2019-004597

Trust: 0.8

db:CNNVDid:CNNVD-201905-641

Trust: 0.7

db:AUSCERTid:ESB-2019.1756.3

Trust: 0.6

db:AUSCERTid:ESB-2019.1756.4

Trust: 0.6

db:VULHUBid:VHN-149499

Trust: 0.1

sources: VULHUB: VHN-149499 // BID: 108341 // JVNDB: JVNDB-2019-004597 // CNNVD: CNNVD-201905-641 // NVD: CVE-2019-1727

REFERENCES

url:http://www.securityfocus.com/bid/108341

Trust: 2.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-pyth-escal

Trust: 2.0

url:https://nvd.nist.gov/vuln/detail/cve-2019-1727

Trust: 1.4

url:http://www.cisco.com/

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1727

Trust: 0.8

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-ssh-info

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-rpm-injec

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-psvb

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-nxapi-xss

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-linecardinj-1769

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1791

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1790

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmd-inject-1784

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1783

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1778

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1776

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1770

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1735

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cli-bypass

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-overflow-inj

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-bash-bypass

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-file-write

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-sisv2

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-nx-os-code-execution-via-python-29326

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.1756.3/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/81106

Trust: 0.6

sources: VULHUB: VHN-149499 // BID: 108341 // JVNDB: JVNDB-2019-004597 // CNNVD: CNNVD-201905-641 // NVD: CVE-2019-1727

CREDITS

Cisco

Trust: 0.9

sources: BID: 108341 // CNNVD: CNNVD-201905-641

SOURCES

db:VULHUBid:VHN-149499
db:BIDid:108341
db:JVNDBid:JVNDB-2019-004597
db:CNNVDid:CNNVD-201905-641
db:NVDid:CVE-2019-1727

LAST UPDATE DATE

2024-08-14T13:55:27.051000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-149499date:2020-10-16T00:00:00
db:BIDid:108341date:2019-05-15T00:00:00
db:JVNDBid:JVNDB-2019-004597date:2019-06-05T00:00:00
db:CNNVDid:CNNVD-201905-641date:2020-10-28T00:00:00
db:NVDid:CVE-2019-1727date:2020-10-16T13:09:58.793

SOURCES RELEASE DATE

db:VULHUBid:VHN-149499date:2019-05-15T00:00:00
db:BIDid:108341date:2019-05-15T00:00:00
db:JVNDBid:JVNDB-2019-004597date:2019-06-05T00:00:00
db:CNNVDid:CNNVD-201905-641date:2019-05-15T00:00:00
db:NVDid:CVE-2019-1727date:2019-05-15T17:29:01.530