CVE-2019-1589
Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Unmeasured Boot Vulnerability
Severity Score
4.6
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. The vulnerability is due to a lack of proper data-protection mechanisms for disk encryption keys that are used within the partitions on an affected device hard drive. An attacker could exploit this vulnerability by obtaining physical access to the affected device to view certain cleartext keys. A successful exploit could allow the attacker to execute a custom boot process or conduct further attacks on an affected device.
Una vulnerabilidad en la funcionalidad de Trusted Platform Module (TPM) del software para Nexus 9000 Series Fabric Switches de Cisco en modo Application Centric Infrastructure (ACI), podría permitir que un atacante local no autenticado con acceso físico pueda ver información confidencial en un dispositivo afectado. La vulnerabilidad se genera por la falta de mecanismos adecuados de protección de datos para las claves de cifrado de disco que se usan dentro de las particiones en el disco duro de un dispositivo afectado. Un atacante podría explotar esta vulnerabilidad al conseguir acceso físico al dispositivo afectado para visualizar ciertas claves de texto claro. Una explotación con éxito podría permitir al atacante ejecutar un proceso de arranque personalizado o realizar más ataques en un dispositivo afectado.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-12-06 CVE Reserved
- 2019-05-03 CVE Published
- 2024-09-23 EPSS Updated
- 2024-11-21 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
- CWE-311: Missing Encryption of Sensitive Data
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/108175 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9000 Search vendor "Cisco" for product "Nexus 9000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 92160yc-x Search vendor "Cisco" for product "Nexus 92160yc-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 92300yc Search vendor "Cisco" for product "Nexus 92300yc" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 92304qc Search vendor "Cisco" for product "Nexus 92304qc" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9236c Search vendor "Cisco" for product "Nexus 9236c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9272q Search vendor "Cisco" for product "Nexus 9272q" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93108tc-ex Search vendor "Cisco" for product "Nexus 93108tc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93108tc-fx Search vendor "Cisco" for product "Nexus 93108tc-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93120tx Search vendor "Cisco" for product "Nexus 93120tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93128tx Search vendor "Cisco" for product "Nexus 93128tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180lc-ex Search vendor "Cisco" for product "Nexus 93180lc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180yc-ex Search vendor "Cisco" for product "Nexus 93180yc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180yc-fx Search vendor "Cisco" for product "Nexus 93180yc-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93240yc-fx2 Search vendor "Cisco" for product "Nexus 93240yc-fx2" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9332c Search vendor "Cisco" for product "Nexus 9332c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9332pq Search vendor "Cisco" for product "Nexus 9332pq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9336c-fx2 Search vendor "Cisco" for product "Nexus 9336c-fx2" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9336pq Search vendor "Cisco" for product "Nexus 9336pq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9348gc-fxp Search vendor "Cisco" for product "Nexus 9348gc-fxp" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9364c Search vendor "Cisco" for product "Nexus 9364c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px Search vendor "Cisco" for product "Nexus 9372px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px-e Search vendor "Cisco" for product "Nexus 9372px-e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx Search vendor "Cisco" for product "Nexus 9372tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx-e Search vendor "Cisco" for product "Nexus 9372tx-e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396px Search vendor "Cisco" for product "Nexus 9396px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396tx Search vendor "Cisco" for product "Nexus 9396tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 8.3\(0\)sk\(0.39\) Search vendor "Cisco" for product "Nx-os" and version "8.3\(0\)sk\(0.39\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9508 Search vendor "Cisco" for product "Nexus 9508" | - | - |
Safe
|