CVE-2019-1614
Cisco NX-OS Software NX-API Command Injection Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to incorrect input validation of user-supplied data by the NX-API subsystem. An attacker could exploit this vulnerability by sending malicious HTTP or HTTPS packets to the management interface of an affected system that has the NX-API feature enabled. A successful exploit could allow the attacker to perform a command-injection attack and execute arbitrary commands with root privileges. Note: NX-API is disabled by default. MDS 9000 Series Multilayer Switches are affected running software versions prior to 8.1(1b) and 8.2(3). Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 3500 Platform Switches are affected running software versions prior to 7.0(3)I7(4). Nexus 2000, 5500, 5600, and 6000 Series Switches are affected running software versions prior to 7.3(4)N1(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 7000 and 7700 Series Switches are affected running software versions prior to 7.3(3)D1(1) and 8.2(3).
Una vulnerabilidad en la funcionalidad NX-API del software NX-OS de Cisco podría permitir a un atacante remoto autenticado ejecutar comandos arbitrarios con privilegios root. Esta vulnerabilidad se debe a la validación incorrecta de entradas del datos proporcionados por el usuario por el subsistema NX-API. Un atacante podría explotar esta vulnerabilidad enviando un paquete HTTP o HTTPS malicioso a la interfaz de gestión de un sistema afectado que tenga la característica NX-API habilitada. Un exploit con éxito podría permitir que el atacante realice un ataque de inyección de comandos y ejecute comandos arbitrarios con privilegios root. Nota: NX-API está deshabilitado por defecto. Los switches de Nexus 9000 Series se ven afectados en versiones de software anteriores a las 8.1(1b) y 8.2(3). Los switches de Nexus 3000 Series se ven afectados en versiones de software anteriores a las 7.0(3)I4(9) y 7.0(3)I7(4). Los switches de Nexus 3500 Platform se ven afectados en versiones de software anteriores a la 7.0(3)I7(4). Los switches de Nexus, en sus series 2000, 5500, 5600 y 6000, se ven afectados en versiones anteriores a las 7.3(4)N1(1). Los switches de Nexus 9000 en modo Standalone NX-OS se ven afectados en versiones de software anteriores a las 7.0(3)I4(9) y 7.0(3)I7(4). Los switches de Nexus, en sus series 7000 y 7700, se ven afectados en versiones anteriores a las 7.3(3)D1(1) y 8.2(3).
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2018-12-06 CVE Reserved
- 2019-03-11 CVE Published
- 2023-03-08 EPSS Updated
- 2024-11-20 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/107339 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 8.2 < 8.3\(2\) Search vendor "Cisco" for product "Nx-os" and version " >= 8.2 < 8.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Mds 9000 Search vendor "Cisco" for product "Mds 9000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.3 < 8.1\(1b\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.3 < 8.1\(1b\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Mds 9000 Search vendor "Cisco" for product "Mds 9000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i5 < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i5 < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3000 Search vendor "Cisco" for product "Nexus 3000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.0\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3000 Search vendor "Cisco" for product "Nexus 3000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\) < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\) < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3500 Search vendor "Cisco" for product "Nexus 3500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.3 < 7.3\(4\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.3 < 7.3\(4\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 2000 Search vendor "Cisco" for product "Nexus 2000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.3 < 7.3\(4\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.3 < 7.3\(4\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5500 Search vendor "Cisco" for product "Nexus 5500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.3 < 7.3\(4\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.3 < 7.3\(4\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5600 Search vendor "Cisco" for product "Nexus 5600" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.3 < 7.3\(4\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.3 < 7.3\(4\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 6000 Search vendor "Cisco" for product "Nexus 6000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 8.3 < 8.3\(2\) Search vendor "Cisco" for product "Nx-os" and version " >= 8.3 < 8.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7000 Search vendor "Cisco" for product "Nexus 7000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 8.3 < 8.3\(2\) Search vendor "Cisco" for product "Nx-os" and version " >= 8.3 < 8.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7700 Search vendor "Cisco" for product "Nexus 7700" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 8.0 < 8.2\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 8.0 < 8.2\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7000 Search vendor "Cisco" for product "Nexus 7000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 8.0 < 8.2\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 8.0 < 8.2\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7700 Search vendor "Cisco" for product "Nexus 7700" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.2 < 7.3\(3\)d1\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.2 < 7.3\(3\)d1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7000 Search vendor "Cisco" for product "Nexus 7000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.2 < 7.3\(3\)d1\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.2 < 7.3\(3\)d1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7700 Search vendor "Cisco" for product "Nexus 7700" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.3\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.3\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9000 Search vendor "Cisco" for product "Nexus 9000" | - | - |
Safe
|