Sign-up

ID

VAR-201905-0249


CVE

CVE-2019-1730


TITLE

Cisco NX-OS Vulnerability related to authorization, authority, and access control in software

Trust: 0.8

sources: JVNDB: JVNDB-2019-004600

DESCRIPTION

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Guest Shell prompt. A successful exploit could allow the attacker to issue commands that should be restricted by a Guest Shell account. Cisco NX-OS The software contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco NX-OS System Software is prone to a local security-bypass vulnerability. This may aid in further attacks. This issue is being tracked by Cisco Bug IDs CSCvh76090, CSCvj01472, CSCvj01497 . The implementation of the Bash shell in Cisco NX-OS Software is vulnerable to permission and access control issues. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products. The following products and versions are affected: Cisco Nexus 3000 Series Switches; Nexus 3500 Platform Switches; Nexus 3600 Platform Switches; Nexus 7000 Series Switches; Nexus 7700 Series Switches; Nexus 9000 Series Switches in standalone NX-OS mode; Platform

Trust: 1.98

sources: NVD: CVE-2019-1730 // JVNDB: JVNDB-2019-004600 // BID: 108397 // VULHUB: VHN-149532

AFFECTED PRODUCTS

vendor:ciscomodel:nx-osscope:ltversion:7.0\(3\)f3\(5\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:8.3\(1\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:7.0\(3\)i7

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:7.0\(3\)i4

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:7.0\(3\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.0\(3\)i7\(4\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:8.1

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.0\(3\)i4\(9\)

Trust: 1.0

vendor:ciscomodel:nx-osscope: - version: -

Trust: 0.8

vendor:ciscomodel:nx-osscope:eqversion:8.3

Trust: 0.3

vendor:ciscomodel:nx-osscope:eqversion:8.2

Trust: 0.3

vendor:ciscomodel:nx-osscope:eqversion:8.1

Trust: 0.3

vendor:ciscomodel:nx-os 7.0 i7scope: - version: -

Trust: 0.3

vendor:ciscomodel:nx-os 7.0 i4scope: - version: -

Trust: 0.3

vendor:ciscomodel:nx-osscope:eqversion:7.0(3)

Trust: 0.3

vendor:ciscomodel:nexus r-series switching platformscope:eqversion:95000

Trust: 0.3

vendor:ciscomodel:nexus series switches standalone nx-os modescope:eqversion:9000-0

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:eqversion:77000

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:eqversion:70000

Trust: 0.3

vendor:ciscomodel:nexus platform switchesscope:eqversion:36000

Trust: 0.3

vendor:ciscomodel:nexus platform switchesscope:eqversion:35000

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:eqversion:30000

Trust: 0.3

vendor:ciscomodel:nx-osscope:neversion:8.3(1)

Trust: 0.3

vendor:ciscomodel:nx-osscope:neversion:8.2(3)

Trust: 0.3

vendor:ciscomodel:nx-os 7.0 i7scope:neversion: -

Trust: 0.3

vendor:ciscomodel:nx-os 7.0 i4scope:neversion: -

Trust: 0.3

vendor:ciscomodel:nx-os 7.0 f3scope:neversion: -

Trust: 0.3

sources: BID: 108397 // JVNDB: JVNDB-2019-004600 // NVD: CVE-2019-1730

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1730
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1730
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1730
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201905-644
value: MEDIUM

Trust: 0.6

VULHUB: VHN-149532
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-1730
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-149532
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1730
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1730
baseSeverity: MEDIUM
baseScore: 6.0
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.2
version: 3.0

Trust: 1.0

NVD: CVE-2019-1730
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-149532 // JVNDB: JVNDB-2019-004600 // CNNVD: CNNVD-201905-644 // NVD: CVE-2019-1730 // NVD: CVE-2019-1730

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: VULHUB: VHN-149532 // JVNDB: JVNDB-2019-004600 // NVD: CVE-2019-1730

THREAT TYPE

local

Trust: 0.9

sources: BID: 108397 // CNNVD: CNNVD-201905-644

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201905-644

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-004600

PATCH
title:cisco-sa-20190515-nxos-bash-bypassurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass
Trust: 0.8
title:Cisco NX-OS Software Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92770
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-004600 // 
            
            
            
            CNNVD: CNNVD-201905-644

EXTERNAL IDS
db:NVDid:CVE-2019-1730
Trust: 2.8
db:BIDid:108397
Trust: 2.0
db:JVNDBid:JVNDB-2019-004600
Trust: 0.8
db:CNNVDid:CNNVD-201905-644
Trust: 0.7
db:AUSCERTid:ESB-2019.1756.3
Trust: 0.6
db:AUSCERTid:ESB-2019.1756.4
Trust: 0.6
db:VULHUBid:VHN-149532
Trust: 0.1
sources:
            
            
            VULHUB: VHN-149532 // 
            
            
            
            BID: 108397 // 
            
            
            
            JVNDB: JVNDB-2019-004600 // 
            
            
            
            CNNVD: CNNVD-201905-644 // 
            
            
            
            NVD: CVE-2019-1730

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-bash-bypass
Trust: 2.6
url:http://www.securityfocus.com/bid/108397
Trust: 2.3
url:https://nvd.nist.gov/vuln/detail/cve-2019-1730
Trust: 1.4
url:http://www.cisco.com/
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1730
Trust: 0.8
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-ssh-info
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-rpm-injec
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-pyth-escal
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-psvb
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-nxapi-xss
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-linecardinj-1769
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1791
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1790
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmd-inject-1784
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1783
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1778
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1776
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1770
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1735
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cli-bypass
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-overflow-inj
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-file-write
Trust: 0.6
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-sisv2
Trust: 0.6
url:https://vigilance.fr/vulnerability/cisco-nx-os-privilege-escalation-via-a-restricted-bash-29329
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2019.1756.3/
Trust: 0.6
url:https://www.auscert.org.au/bulletins/81106
Trust: 0.6
sources:
            
            
            VULHUB: VHN-149532 // 
            
            
            
            BID: 108397 // 
            
            
            
            JVNDB: JVNDB-2019-004600 // 
            
            
            
            CNNVD: CNNVD-201905-644 // 
            
            
            
            NVD: CVE-2019-1730

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 108397

SOURCES
db:VULHUBid:VHN-149532
db:BIDid:108397
db:JVNDBid:JVNDB-2019-004600
db:CNNVDid:CNNVD-201905-644
db:NVDid:CVE-2019-1730

LAST UPDATE DATE
2024-08-14T13:55:27.312000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-149532date:2020-10-09T00:00:00
db:BIDid:108397date:2019-05-15T00:00:00
db:JVNDBid:JVNDB-2019-004600date:2019-06-05T00:00:00
db:CNNVDid:CNNVD-201905-644date:2020-10-10T00:00:00
db:NVDid:CVE-2019-1730date:2020-10-09T17:12:52.817

SOURCES RELEASE DATE
db:VULHUBid:VHN-149532date:2019-05-15T00:00:00
db:BIDid:108397date:2019-05-15T00:00:00
db:JVNDBid:JVNDB-2019-004600date:2019-06-05T00:00:00
db:CNNVDid:CNNVD-201905-644date:2019-05-15T00:00:00
db:NVDid:CVE-2019-1730date:2019-05-15T17:29:01.717