Details of VAR-201905-0526

ID

VAR-201905-0526

CVE

CVE-2019-1803

TITLE

Cisco Nexus 9000 Series Application Centric Infrastructure Mode Switch Vulnerability related to authorization, authority, and access control in software

Trust: 0.8

sources: JVNDB: JVNDB-2019-004453

DESCRIPTION

A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. The vulnerability is due to overly permissive file permissions of specific system files. An attacker could exploit this vulnerability by authenticating to an affected device, creating a crafted command string, and writing this crafted string to a specific file location. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device. The attacker would need to have valid administrator credentials for the device. Cisco Nexus 9000 Series Fabric Switches are prone to an local privilege-escalation vulnerability. This issue is being tracked by Cisco Bug ID CSCvo72253. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products

Trust: 1.98

sources: NVD: CVE-2019-1803 // JVNDB: JVNDB-2019-004453 // BID: 108136 // VULHUB: VHN-150335

AFFECTED PRODUCTS

vendor:	cisco	model:	nexus series switches 7.0 i7	scope:	eq	version:	9000	Trust: 1.5
vendor:	cisco	model:	nexus series switches 13.2	scope:	eq	version:	9000	Trust: 1.5
vendor:	cisco	model:	nexus 9000 series application centric infrastructure	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nexus 9000 series aci mode switch software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus series switches 7.0 i6	scope:	eq	version:	9000	Trust: 0.6
vendor:	cisco	model:	nexus series switches 7.0 i4	scope:	eq	version:	9000	Trust: 0.6
vendor:	cisco	model:	nexus series switches 4.2	scope:	eq	version:	9000	Trust: 0.6
vendor:	cisco	model:	nexus series switches 6.2 ia	scope:	eq	version:	9000	Trust: 0.3
vendor:	cisco	model:	nexus series switches 4.1	scope:	eq	version:	9000	Trust: 0.3
vendor:	cisco	model:	nexus series switches 14.0	scope:	eq	version:	9000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	900014.0(0.89)	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	900014.0(0.88)	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	900014.0(0.58)	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	900013.2(2.149)	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	900013.2(1.143)	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	900013.2(0.3)	Trust: 0.3
vendor:	cisco	model:	nexus series switches 12.3	scope:	eq	version:	9000	Trust: 0.3
vendor:	cisco	model:	nexus series switches 14.1	scope:	ne	version:	9000	Trust: 0.3

sources: BID: 108136 // JVNDB: JVNDB-2019-004453 // NVD: CVE-2019-1803

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1803
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1803
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-1803
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201905-014
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-150335
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-1803
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-150335
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-1803
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1803
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	CVE-2019-1803
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-150335 // JVNDB: JVNDB-2019-004453 // CNNVD: CNNVD-201905-014 // NVD: CVE-2019-1803 // NVD: CVE-2019-1803

PROBLEMTYPE DATA

problemtype:	CWE-264	Trust: 1.9
problemtype:	CWE-732	Trust: 1.1

sources: VULHUB: VHN-150335 // JVNDB: JVNDB-2019-004453 // NVD: CVE-2019-1803

THREAT TYPE

local

Trust: 0.9

sources: BID: 108136 // CNNVD: CNNVD-201905-014

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201905-014

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004453

PATCH

title:	cisco-sa-20190501-nexus9k-rpe	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe	Trust: 0.8
title:	Cisco Nexus 9000 Series Application Centric Infrastructure Mode Switch Software Fixes for permissions and access control issues vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92165	Trust: 0.6

sources: JVNDB: JVNDB-2019-004453 // CNNVD: CNNVD-201905-014

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1803	Trust: 2.8
db:	BID	id:	108136	Trust: 1.0
db:	JVNDB	id:	JVNDB-2019-004453	Trust: 0.8
db:	CNNVD	id:	CNNVD-201905-014	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.1508.4	Trust: 0.6
db:	VULHUB	id:	VHN-150335	Trust: 0.1

sources: VULHUB: VHN-150335 // BID: 108136 // JVNDB: JVNDB-2019-004453 // CNNVD: CNNVD-201905-014 // NVD: CVE-2019-1803

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-nexus9k-rpe	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1803	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1803	Trust: 0.8
url:	https://vigilance.fr/vulnerability/cisco-nexus-9000-aci-privilege-escalation-via-permissive-file-permissions-29184	Trust: 0.6
url:	https://www.securityfocus.com/bid/108136	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/80070	Trust: 0.6

sources: VULHUB: VHN-150335 // BID: 108136 // JVNDB: JVNDB-2019-004453 // CNNVD: CNNVD-201905-014 // NVD: CVE-2019-1803

CREDITS

Oliver Matula from ERNW Enno Rey Netzwerke GmbH in cooperation with ERNW Research GmbH.

Trust: 0.9

sources: BID: 108136 // CNNVD: CNNVD-201905-014

SOURCES

db:	VULHUB	id:	VHN-150335
db:	BID	id:	108136
db:	JVNDB	id:	JVNDB-2019-004453
db:	CNNVD	id:	CNNVD-201905-014
db:	NVD	id:	CVE-2019-1803

LAST UPDATE DATE

2024-11-23T19:33:15.059000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-150335	date:	2020-10-13T00:00:00
db:	BID	id:	108136	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-004453	date:	2019-06-03T00:00:00
db:	CNNVD	id:	CNNVD-201905-014	date:	2020-10-21T00:00:00
db:	NVD	id:	CVE-2019-1803	date:	2024-11-21T04:37:24.733

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-150335	date:	2019-05-03T00:00:00
db:	BID	id:	108136	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-004453	date:	2019-06-03T00:00:00
db:	CNNVD	id:	CNNVD-201905-014	date:	2019-05-01T00:00:00
db:	NVD	id:	CVE-2019-1803	date:	2019-05-03T17:29:00.737