CVE-2019-1726
Cisco NX-OS Software CLI Bypass to Internal Service Vulnerability
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument to the affected command. A successful exploit could allow the attacker to bypass intended restrictions and access internal services of the device. An attacker would need valid device credentials to exploit this vulnerability.
Una vulnerabilidad en la CLI del programa NX-OS de Cisco, podría permitir a un atacante local autenticado ingresar a servicios internos que deberían estar restringidos en un dispositivo afectado, como la API NX. La vulnerabilidad se debe a una comprobación insuficiente de los argumentos pasados ??a un ciertos comando CLI. Un atacante podría explotar esta vulnerabilidad si inserta una entrada maliciosa como argumento para el comando afectado. Una explotación exitosa podría permitir al atacante omitir las restricciones previstas y acceder a los servicios internos del dispositivo. Un atacante requeriría credenciales de dispositivo válidas para atacar esta vulnerabilidad.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-12-06 CVE Reserved
- 2019-05-15 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/108409 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 5.2 < 6.2\(25\) Search vendor "Cisco" for product "Nx-os" and version " >= 5.2 < 6.2\(25\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Mds 9000 Search vendor "Cisco" for product "Mds 9000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 5.2 < 6.2\(25\) Search vendor "Cisco" for product "Nx-os" and version " >= 5.2 < 6.2\(25\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Mds 9100 Search vendor "Cisco" for product "Mds 9100" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 5.2 < 6.2\(25\) Search vendor "Cisco" for product "Nx-os" and version " >= 5.2 < 6.2\(25\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Mds 9200 Search vendor "Cisco" for product "Mds 9200" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 5.2 < 6.2\(25\) Search vendor "Cisco" for product "Nx-os" and version " >= 5.2 < 6.2\(25\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Mds 9500 Search vendor "Cisco" for product "Mds 9500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 5.2 < 6.2\(25\) Search vendor "Cisco" for product "Nx-os" and version " >= 5.2 < 6.2\(25\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Mds 9700 Search vendor "Cisco" for product "Mds 9700" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.3 < 8.3\(2\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.3 < 8.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Mds 9000 Search vendor "Cisco" for product "Mds 9000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.3 < 8.3\(2\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.3 < 8.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Mds 9100 Search vendor "Cisco" for product "Mds 9100" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.3 < 8.3\(2\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.3 < 8.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Mds 9200 Search vendor "Cisco" for product "Mds 9200" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.3 < 8.3\(2\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.3 < 8.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Mds 9500 Search vendor "Cisco" for product "Mds 9500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.3 < 8.3\(2\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.3 < 8.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Mds 9700 Search vendor "Cisco" for product "Mds 9700" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3000 Search vendor "Cisco" for product "Nexus 3000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3100 Search vendor "Cisco" for product "Nexus 3100" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3100-z Search vendor "Cisco" for product "Nexus 3100-z" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3100v Search vendor "Cisco" for product "Nexus 3100v" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3200 Search vendor "Cisco" for product "Nexus 3200" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3400 Search vendor "Cisco" for product "Nexus 3400" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3500 Search vendor "Cisco" for product "Nexus 3500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3600 Search vendor "Cisco" for product "Nexus 3600" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9000 Search vendor "Cisco" for product "Nexus 9000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9200 Search vendor "Cisco" for product "Nexus 9200" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9300 Search vendor "Cisco" for product "Nexus 9300" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9500 Search vendor "Cisco" for product "Nexus 9500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 6.0\(2\)a8\(11\) Search vendor "Cisco" for product "Nx-os" and version " < 6.0\(2\)a8\(11\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3524-x Search vendor "Cisco" for product "Nexus 3524-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 6.0\(2\)a8\(11\) Search vendor "Cisco" for product "Nx-os" and version " < 6.0\(2\)a8\(11\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3524-xl Search vendor "Cisco" for product "Nexus 3524-xl" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 6.0\(2\)a8\(11\) Search vendor "Cisco" for product "Nx-os" and version " < 6.0\(2\)a8\(11\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3548-x Search vendor "Cisco" for product "Nexus 3548-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 6.0\(2\)a8\(11\) Search vendor "Cisco" for product "Nx-os" and version " < 6.0\(2\)a8\(11\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3548-xl Search vendor "Cisco" for product "Nexus 3548-xl" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\) < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\) < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3524-x Search vendor "Cisco" for product "Nexus 3524-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\) < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\) < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3524-xl Search vendor "Cisco" for product "Nexus 3524-xl" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\) < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\) < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3548-x Search vendor "Cisco" for product "Nexus 3548-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\) < 7.0\(3\)i7\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\) < 7.0\(3\)i7\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3548-xl Search vendor "Cisco" for product "Nexus 3548-xl" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.3\(4\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " < 7.3\(4\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5500 Search vendor "Cisco" for product "Nexus 5500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.3\(4\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " < 7.3\(4\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5600 Search vendor "Cisco" for product "Nexus 5600" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.3\(4\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " < 7.3\(4\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 6000 Search vendor "Cisco" for product "Nexus 6000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 6.2\(22\) Search vendor "Cisco" for product "Nx-os" and version " < 6.2\(22\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7000 Search vendor "Cisco" for product "Nexus 7000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 6.2\(22\) Search vendor "Cisco" for product "Nx-os" and version " < 6.2\(22\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7700 Search vendor "Cisco" for product "Nexus 7700" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.2 < 7.3\(3\)d1\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.2 < 7.3\(3\)d1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7000 Search vendor "Cisco" for product "Nexus 7000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.2 < 7.3\(3\)d1\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.2 < 7.3\(3\)d1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7700 Search vendor "Cisco" for product "Nexus 7700" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 8.0 < 8.3\(2\) Search vendor "Cisco" for product "Nx-os" and version " >= 8.0 < 8.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7000 Search vendor "Cisco" for product "Nexus 7000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 8.0 < 8.3\(2\) Search vendor "Cisco" for product "Nx-os" and version " >= 8.0 < 8.3\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7700 Search vendor "Cisco" for product "Nexus 7700" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 4.0\(1d\) Search vendor "Cisco" for product "Nx-os" and version " < 4.0\(1d\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ucs 6248up Search vendor "Cisco" for product "Ucs 6248up" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 4.0\(1d\) Search vendor "Cisco" for product "Nx-os" and version " < 4.0\(1d\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ucs 6296up Search vendor "Cisco" for product "Ucs 6296up" | - | - |
Safe
|