Details of VAR-201905-0250

ID

VAR-201905-0250

CVE

CVE-2019-1731

TITLE

Cisco NX-OS Information disclosure vulnerabilities in software

Trust: 0.8

sources: JVNDB: JVNDB-2019-004526

DESCRIPTION

A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally. Cisco NX-OS The software contains an information disclosure vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Cisco NX-OS Software is prone to local information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. This issue is being tracked by Cisco bug IDs CSCvh76123, CSCvh76123, CSCvj01385, CSCvj01386, CSCvj01393

Trust: 1.98

sources: NVD: CVE-2019-1731 // JVNDB: JVNDB-2019-004526 // BID: 108353 // VULHUB: VHN-149543

AFFECTED PRODUCTS

vendor:	cisco	model:	nx-os	scope:	lt	version:	6.0\(2\)a8\(10\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	lt	version:	7.3\(4\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	gte	version:	7.0\(3\)i7	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	gte	version:	7.0\(3\)i4	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	gte	version:	7.0\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	lt	version:	7.0\(3\)i7\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	lt	version:	7.0\(3\)f3\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	lt	version:	7.0\(3\)i4\(9\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i7	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0(3)	Trust: 0.3
vendor:	cisco	model:	nx-os 6.0 a8	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nexus r-series switching platform	scope:	eq	version:	95000	Trust: 0.3
vendor:	cisco	model:	nexus series switches in standalone nx-os mode	scope:	eq	version:	90000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	60000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	56000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	55000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	36000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	35000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	30000	Trust: 0.3
vendor:	cisco	model:	nx-os 7.3 n1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i7	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 f3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 6.0 a8	scope:	ne	version:	-	Trust: 0.3

sources: BID: 108353 // JVNDB: JVNDB-2019-004526 // NVD: CVE-2019-1731

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1731
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1731
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-1731
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201905-645
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-149543
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2019-1731
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-149543
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-1731
baseSeverity:	MEDIUM
baseScore:	4.4
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	0.8
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1731
baseSeverity:	MEDIUM
baseScore:	5.1
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	0.8
impactScore:	4.2
version:	3.0
Trust: 1.0
NVD:	CVE-2019-1731
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-149543 // JVNDB: JVNDB-2019-004526 // CNNVD: CNNVD-201905-645 // NVD: CVE-2019-1731 // NVD: CVE-2019-1731

PROBLEMTYPE DATA

problemtype:	CWE-200	Trust: 1.9
problemtype:	CWE-755	Trust: 1.1

sources: VULHUB: VHN-149543 // JVNDB: JVNDB-2019-004526 // NVD: CVE-2019-1731

THREAT TYPE

local

Trust: 0.9

sources: BID: 108353 // CNNVD: CNNVD-201905-645

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201905-645

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004526

PATCH

title:	cisco-sa-20190515-nxos-ssh-info	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info	Trust: 0.8
title:	Cisco NX-OS Software Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92771	Trust: 0.6

sources: JVNDB: JVNDB-2019-004526 // CNNVD: CNNVD-201905-645

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1731	Trust: 2.8
db:	BID	id:	108353	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-004526	Trust: 0.8
db:	CNNVD	id:	CNNVD-201905-645	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.1756.4	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.1756.3	Trust: 0.6
db:	VULHUB	id:	VHN-149543	Trust: 0.1

sources: VULHUB: VHN-149543 // BID: 108353 // JVNDB: JVNDB-2019-004526 // CNNVD: CNNVD-201905-645 // NVD: CVE-2019-1731

REFERENCES

url:	http://www.securityfocus.com/bid/108353	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-ssh-info	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1731	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1731	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-rpm-injec	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-pyth-escal	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-psvb	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-nxapi-xss	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-linecardinj-1769	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1791	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1790	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmd-inject-1784	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1783	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1778	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1776	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1770	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1735	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-cli-bypass	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-overflow-inj	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-bash-bypass	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-file-write	Trust: 0.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-nxos-sisv2	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-nx-os-ssh-private-key-disclosure-29330	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.1756.3/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/81106	Trust: 0.6

sources: VULHUB: VHN-149543 // BID: 108353 // JVNDB: JVNDB-2019-004526 // CNNVD: CNNVD-201905-645 // NVD: CVE-2019-1731

CREDITS

Cisco

Trust: 0.9

sources: BID: 108353 // CNNVD: CNNVD-201905-645

SOURCES

db:	VULHUB	id:	VHN-149543
db:	BID	id:	108353
db:	JVNDB	id:	JVNDB-2019-004526
db:	CNNVD	id:	CNNVD-201905-645
db:	NVD	id:	CVE-2019-1731

LAST UPDATE DATE

2024-08-14T13:55:27.152000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-149543	date:	2020-10-09T00:00:00
db:	BID	id:	108353	date:	2019-05-15T00:00:00
db:	JVNDB	id:	JVNDB-2019-004526	date:	2019-06-04T00:00:00
db:	CNNVD	id:	CNNVD-201905-645	date:	2020-10-10T00:00:00
db:	NVD	id:	CVE-2019-1731	date:	2020-10-09T17:14:10.087

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-149543	date:	2019-05-15T00:00:00
db:	BID	id:	108353	date:	2019-05-15T00:00:00
db:	JVNDB	id:	JVNDB-2019-004526	date:	2019-06-04T00:00:00
db:	CNNVD	id:	CNNVD-201905-645	date:	2019-05-15T00:00:00
db:	NVD	id:	CVE-2019-1731	date:	2019-05-15T17:29:01.780