CVE-2019-1585
Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability
Severity Score
7.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track*
*SSVC
Descriptions
A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers files for the bashroot component on an affected device. An attacker could exploit this vulnerability by authenticating to the affected device with a crafted user ID, which may allow temporary administrative access to escalate privileges. A successful exploit could allow the attacker to escalate privileges on an affected device. This Vulnerability has been fixed in version 4.0(1h)
Una vulnerabilidad en la funcionalidad de autorización de Cisco Nexus 9000 Series ACI Mode Switch Software puede permitir a un atacante local autenticado escalar usuarios estándares con privilegios root en un dispositivo afectado. La vulnerabilidad se debe a una mala configuración de determinados archivos sudoers para el componente bashroot en un dispositivo afectado. Un atacante podría explotar esta vulnerabilidad autenticándose en el dispositivo afectado con un ID de usuario manipulado, el cual podría permitir el acceso del administrador temporal para escalar privilegios. Un exploit exitoso podría permitir que el atacante escale sus privilegios en el dispositivo afectado. Esta vulnerabilidad se ha solucionado en la versión 4.0(1h).
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track*
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-12-06 CVE Reserved
- 2019-03-06 CVE Published
- 2023-03-08 EPSS Updated
- 2024-11-20 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-16: Configuration
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/107312 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 92160yc-x Search vendor "Cisco" for product "Nexus 92160yc-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 92304qc Search vendor "Cisco" for product "Nexus 92304qc" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9236c Search vendor "Cisco" for product "Nexus 9236c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9272q Search vendor "Cisco" for product "Nexus 9272q" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93108tc-ex Search vendor "Cisco" for product "Nexus 93108tc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93120tx Search vendor "Cisco" for product "Nexus 93120tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93128tx Search vendor "Cisco" for product "Nexus 93128tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180yc-ex Search vendor "Cisco" for product "Nexus 93180yc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9332pq Search vendor "Cisco" for product "Nexus 9332pq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9336pq Aci Spine Search vendor "Cisco" for product "Nexus 9336pq Aci Spine" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px Search vendor "Cisco" for product "Nexus 9372px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx Search vendor "Cisco" for product "Nexus 9372tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396px Search vendor "Cisco" for product "Nexus 9396px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396tx Search vendor "Cisco" for product "Nexus 9396tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9500 Search vendor "Cisco" for product "Nexus 9500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9504 Search vendor "Cisco" for product "Nexus 9504" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9508 Search vendor "Cisco" for product "Nexus 9508" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9516 Search vendor "Cisco" for product "Nexus 9516" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 92160yc-x Search vendor "Cisco" for product "Nexus 92160yc-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 92304qc Search vendor "Cisco" for product "Nexus 92304qc" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9236c Search vendor "Cisco" for product "Nexus 9236c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9272q Search vendor "Cisco" for product "Nexus 9272q" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93108tc-ex Search vendor "Cisco" for product "Nexus 93108tc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93120tx Search vendor "Cisco" for product "Nexus 93120tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93128tx Search vendor "Cisco" for product "Nexus 93128tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180yc-ex Search vendor "Cisco" for product "Nexus 93180yc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9332pq Search vendor "Cisco" for product "Nexus 9332pq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9336pq Aci Spine Search vendor "Cisco" for product "Nexus 9336pq Aci Spine" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px Search vendor "Cisco" for product "Nexus 9372px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx Search vendor "Cisco" for product "Nexus 9372tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396px Search vendor "Cisco" for product "Nexus 9396px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396tx Search vendor "Cisco" for product "Nexus 9396tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9500 Search vendor "Cisco" for product "Nexus 9500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9504 Search vendor "Cisco" for product "Nexus 9504" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9508 Search vendor "Cisco" for product "Nexus 9508" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Application Policy Infrastructure Controller Software Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" | <= 4.0\(1h\) Search vendor "Cisco" for product "Application Policy Infrastructure Controller Software" and version " <= 4.0\(1h\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9516 Search vendor "Cisco" for product "Nexus 9516" | - | - |
Safe
|