ID

VAR-201908-0840


CVE

CVE-2019-1969


TITLE

Cisco NX-OS Software vulnerability related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2019-008864

DESCRIPTION

A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name. Cisco NX-OS Software contains a vulnerability related to authorization, permissions, and access control. Information may be tampered with. Cisco NX-OS Software is a data center-level operating system used by a range of Cisco switches. The following products and versions are affected: Cisco Nexus 3000 Series Switches; Nexus 3500 Platform Switches; Nexus 3600 Platform Switches; Nexus 9000 Series Switches (standalone NX-OS mode); Nexus 9500 R-Series Switching Platform.

Trust: 1.8

sources: NVD: CVE-2019-1969 // JVNDB: JVNDB-2019-008864 // VULHUB: VHN-152161 // VULMON: CVE-2019-1969

AFFECTED PRODUCTS

vendor:cisco // model:nx-os // scope:eq // version:9.2(2)

Trust: 1.0

vendor:cisco // model:nx-os // scope:eq // version:9.2

Trust: 1.0

vendor:cisco // model:nx-os // scope:eq // version:7.0(3)f

Trust: 1.0

vendor:cisco // model:nx-os // scope:eq // version:7.0(3)i7(3)

Trust: 1.0

vendor:cisco // model:nx-os // scope:- // version:-

Trust: 0.8

sources: JVNDB: JVNDB-2019-008864 // NVD: CVE-2019-1969

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1969
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1969
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1969
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201908-2143
value: MEDIUM

Trust: 0.6

VULHUB: VHN-152161
value: MEDIUM

Trust: 0.1

VULMON: CVE-2019-1969
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1969
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-152161
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1969
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1969
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

NVD: CVE-2019-1969
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-152161 // VULMON: CVE-2019-1969 // JVNDB: JVNDB-2019-008864 // CNNVD: CNNVD-201908-2143 // NVD: CVE-2019-1969 // NVD: CVE-2019-1969

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

problemtype:CWE-20

Trust: 1.1

sources: VULHUB: VHN-152161 // JVNDB: JVNDB-2019-008864 // NVD: CVE-2019-1969

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-2143

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201908-2143

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-008864

PATCH

title:cisco-sa-20190828-nxos-snmp-bypass // url:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass

Trust: 0.8

title:Cisco NX-OS Software Fixes for permissions and access control issues vulnerabilities // url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97631

Trust: 0.6

title:Cisco: Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability // url:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20190828-nxos-snmp-bypass

Trust: 0.1

sources: VULMON: CVE-2019-1969 // JVNDB: JVNDB-2019-008864 // CNNVD: CNNVD-201908-2143

EXTERNAL IDS

db:NVD // id:CVE-2019-1969

Trust: 2.6

db:JVNDB // id:JVNDB-2019-008864

Trust: 0.8

db:CNNVD // id:CNNVD-201908-2143

Trust: 0.7

db:AUSCERT // id:ESB-2019.3276.2

Trust: 0.6

db:AUSCERT // id:ESB-2019.3276

Trust: 0.6

db:VULHUB // id:VHN-152161

Trust: 0.1

db:VULMON // id:CVE-2019-1969

Trust: 0.1

sources: VULHUB: VHN-152161 // VULMON: CVE-2019-1969 // JVNDB: JVNDB-2019-008864 // CNNVD: CNNVD-201908-2143 // NVD: CVE-2019-1969

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-snmp-bypass

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2019-1969

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1969

Trust: 0.8

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-memleak-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-ntp-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-api-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-ipv6-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-nxos-fsip-dos

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190828-fxnxos-snmp-dos

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3276.2/

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-nx-os-information-disclosure-via-snmp-acl-bypass-30192

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3276/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/20.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-152161 // VULMON: CVE-2019-1969 // JVNDB: JVNDB-2019-008864 // CNNVD: CNNVD-201908-2143 // NVD: CVE-2019-1969

SOURCES

db:VULHUB // id:VHN-152161
db:VULMON // id:CVE-2019-1969
db:JVNDB // id:JVNDB-2019-008864
db:CNNVD // id:CNNVD-201908-2143
db:NVD // id:CVE-2019-1969

LAST UPDATE DATE

2024-08-14T13:44:47.709000+00:00


SOURCES UPDATE DATE

db:VULHUB // id:VHN-152161 // date:2020-10-16T00:00:00
db:VULMON // id:CVE-2019-1969 // date:2020-10-16T00:00:00
db:JVNDB // id:JVNDB-2019-008864 // date:2019-09-06T00:00:00
db:CNNVD // id:CNNVD-201908-2143 // date:2020-10-21T00:00:00
db:NVD // id:CVE-2019-1969 // date:2020-10-16T14:11:35.303

SOURCES RELEASE DATE

db:VULHUB // id:VHN-152161 // date:2019-08-30T00:00:00
db:VULMON // id:CVE-2019-1969 // date:2019-08-30T00:00:00
db:JVNDB // id:JVNDB-2019-008864 // date:2019-09-06T00:00:00
db:CNNVD // id:CNNVD-201908-2143 // date:2019-08-28T00:00:00
db:NVD // id:CVE-2019-1969 // date:2019-08-30T09:15:20.443