Sign-up

ID

VAR-201905-0590


CVE

CVE-2019-1836


TITLE

Cisco Nexus 9000 Series Fabric Switch Path traversal vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-003881

DESCRIPTION

A vulnerability in the system shell for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to use symbolic links to overwrite system files. These system files may be sensitive and should not be overwritable by non-root users. The attacker would need valid device credentials. The vulnerability is due to incorrect symbolic link verification of directory paths when they are used in the system shell. An attacker could exploit this vulnerability by authenticating to the device and providing crafted user input to specific symbolic link CLI commands. Successful exploitation could allow the attacker to overwrite system files that should be restricted. This vulnerability has been fixed in software version 14.1(1i). Cisco Nexus 9000 Series Fabric Switch Contains a path traversal vulnerability.Information may be tampered with. This may aid in further attacks. This issue is tracked by Cisco Bug ID CSCvo80695. The vulnerability stems from a network system or product that fails to properly filter resources or special elements in file paths. An attacker could exploit this vulnerability to access locations outside of restricted directories

Trust: 1.98

sources: NVD: CVE-2019-1836 // JVNDB: JVNDB-2019-003881 // BID: 108150 // VULHUB: VHN-150698

AFFECTED PRODUCTS

vendor:ciscomodel:nx-osscope:eqversion:14.0\(3d\)

Trust: 1.0

vendor:ciscomodel:nx-osscope: - version: -

Trust: 0.8

vendor:ciscomodel:nx-os softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:nexus series switches 14.0scope:eqversion:9000

Trust: 0.3

vendor:ciscomodel:nexus series fabric switches aci modescope:eqversion:9000-0

Trust: 0.3

sources: BID: 108150 // JVNDB: JVNDB-2019-003881 // NVD: CVE-2019-1836

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1836
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1836
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1836
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201905-035
value: HIGH

Trust: 0.6

VULHUB: VHN-150698
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1836
severity: MEDIUM
baseScore: 6.6
vectorString: AV:L/AC:L/AU:N/C:N/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 9.2
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-150698
severity: MEDIUM
baseScore: 6.6
vectorString: AV:L/AC:L/AU:N/C:N/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 9.2
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ykramarz@cisco.com: CVE-2019-1836
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2019-1836
baseSeverity: HIGH
baseScore: 7.1
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.2
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-150698 // JVNDB: JVNDB-2019-003881 // CNNVD: CNNVD-201905-035 // NVD: CVE-2019-1836 // NVD: CVE-2019-1836

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.9

problemtype:CWE-59

Trust: 1.1

sources: VULHUB: VHN-150698 // JVNDB: JVNDB-2019-003881 // NVD: CVE-2019-1836

THREAT TYPE

local

Trust: 0.9

sources: BID: 108150 // CNNVD: CNNVD-201905-035

TYPE

post link

Trust: 0.6

sources: CNNVD: CNNVD-201905-035

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-003881

PATCH
title:cisco-sa-20190501-fabric-traversalurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-fabric-traversal
Trust: 0.8
title:Cisco Nexus 9000 Series Fabric Switches Repair measures for path traversal vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92185
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-003881 // 
            
            
            
            CNNVD: CNNVD-201905-035

EXTERNAL IDS
db:NVDid:CVE-2019-1836
Trust: 2.8
db:BIDid:108150
Trust: 2.0
db:JVNDBid:JVNDB-2019-003881
Trust: 0.8
db:CNNVDid:CNNVD-201905-035
Trust: 0.7
db:AUSCERTid:ESB-2019.1508.4
Trust: 0.6
db:VULHUBid:VHN-150698
Trust: 0.1
sources:
            
            
            VULHUB: VHN-150698 // 
            
            
            
            BID: 108150 // 
            
            
            
            JVNDB: JVNDB-2019-003881 // 
            
            
            
            CNNVD: CNNVD-201905-035 // 
            
            
            
            NVD: CVE-2019-1836

REFERENCES
url:http://www.securityfocus.com/bid/108150
Trust: 2.3
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-fabric-traversal
Trust: 2.0
url:https://nvd.nist.gov/vuln/detail/cve-2019-1836
Trust: 1.4
url:http://www.cisco.com/
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1836
Trust: 0.8
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-nexus9k-rpe
Trust: 0.6
url:https://vigilance.fr/vulnerability/cisco-nexus-9000-aci-privilege-escalation-via-symbolic-link-path-traversal-29185
Trust: 0.6
url:https://www.auscert.org.au/bulletins/80070
Trust: 0.6
sources:
            
            
            VULHUB: VHN-150698 // 
            
            
            
            BID: 108150 // 
            
            
            
            JVNDB: JVNDB-2019-003881 // 
            
            
            
            CNNVD: CNNVD-201905-035 // 
            
            
            
            NVD: CVE-2019-1836

CREDITS
in cooperation with ERNW Research GmbH,Oliver Matula of ERNW Enno Rey Netzwerke GmbH, .
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201905-035

SOURCES
db:VULHUBid:VHN-150698
db:BIDid:108150
db:JVNDBid:JVNDB-2019-003881
db:CNNVDid:CNNVD-201905-035
db:NVDid:CVE-2019-1836

LAST UPDATE DATE
2024-11-23T19:42:33.400000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-150698date:2020-10-13T00:00:00
db:BIDid:108150date:2019-05-01T00:00:00
db:JVNDBid:JVNDB-2019-003881date:2019-05-23T00:00:00
db:CNNVDid:CNNVD-201905-035date:2021-08-16T00:00:00
db:NVDid:CVE-2019-1836date:2024-11-21T04:37:30.010

SOURCES RELEASE DATE
db:VULHUBid:VHN-150698date:2019-05-03T00:00:00
db:BIDid:108150date:2019-05-01T00:00:00
db:JVNDBid:JVNDB-2019-003881date:2019-05-23T00:00:00
db:CNNVDid:CNNVD-201905-035date:2019-05-01T00:00:00
db:NVDid:CVE-2019-1836date:2019-05-03T17:29:01.047