CVE-2019-1729
Cisco NX-OS Software Arbitrary File Overwrite Vulnerability
Severity Score
6.0
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. These file overwrites by the attacker are accomplished at the root privilege level. The vulnerability occurs because there is no verification of user-input parameters and or digital-signature verification for image files when using a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device and issuing a command at the CLI. Because an exploit could allow the attacker to overwrite any file on the disk, including system files, a denial of service (DoS) condition could occur. The attacker must have valid administrator credentials for the affected device to exploit this vulnerability.
Una vulnerabilidad en la implementación de la CLI de un comando específico utilizado para el mantenimiento de imágenes del programa NX-OS de Cisco podría permitir que un atacante local identificado sobrescribiera cualquier archivo en el sistema de archivos, incluidos los archivos del sistema. Estos archivos sobrescritos por el atacante se realizan en el nivel de privilegio de tipo root. La vulnerabilidad se produce porque no hay comprobación de los parámetros de entrada del usuario ni comprobación de firma digital para los archivos de imagen cuando se usa un comando CLI específico. Un atacante podría explotar esta vulnerabilidad al identificarse en el dispositivo y emitir un comando en la CLI. Debido a que una vulnerabilidad podría permitir al atacante sobrescribir cualquier archivo en el disco, incluidos los archivos del sistema, podría ocurrir una condición de Denegación de Servicio (DoS). El atacante deber contar con credenciales de administrador válidas para que el dispositivo afectado ataque esta vulnerabilidad.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-12-06 CVE Reserved
- 2019-05-15 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-347: Improper Verification of Cryptographic Signature
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/108378 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.0\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3000 Search vendor "Cisco" for product "Nexus 3000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.0\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3100 Search vendor "Cisco" for product "Nexus 3100" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.0\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3100-z Search vendor "Cisco" for product "Nexus 3100-z" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.0\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3100v Search vendor "Cisco" for product "Nexus 3100v" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.0\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3200 Search vendor "Cisco" for product "Nexus 3200" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.0\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3400 Search vendor "Cisco" for product "Nexus 3400" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.0\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3500 Search vendor "Cisco" for product "Nexus 3500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.0\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3524-x Search vendor "Cisco" for product "Nexus 3524-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.0\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3524-xl Search vendor "Cisco" for product "Nexus 3524-xl" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.0\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3548-x Search vendor "Cisco" for product "Nexus 3548-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.0\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3548-xl Search vendor "Cisco" for product "Nexus 3548-xl" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.0\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9000 Search vendor "Cisco" for product "Nexus 9000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.0\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9200 Search vendor "Cisco" for product "Nexus 9200" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.0\(3\)i4\(9\) Search vendor "Cisco" for product "Nx-os" and version " < 7.0\(3\)i4\(9\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9300 Search vendor "Cisco" for product "Nexus 9300" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3000 Search vendor "Cisco" for product "Nexus 3000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3100 Search vendor "Cisco" for product "Nexus 3100" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3100-z Search vendor "Cisco" for product "Nexus 3100-z" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3100v Search vendor "Cisco" for product "Nexus 3100v" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3200 Search vendor "Cisco" for product "Nexus 3200" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3400 Search vendor "Cisco" for product "Nexus 3400" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3500 Search vendor "Cisco" for product "Nexus 3500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3524-x Search vendor "Cisco" for product "Nexus 3524-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3524-xl Search vendor "Cisco" for product "Nexus 3524-xl" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3548-x Search vendor "Cisco" for product "Nexus 3548-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3548-xl Search vendor "Cisco" for product "Nexus 3548-xl" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9000 Search vendor "Cisco" for product "Nexus 9000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9200 Search vendor "Cisco" for product "Nexus 9200" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7 < 7.0\(3\)i7\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9300 Search vendor "Cisco" for product "Nexus 9300" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\) < 7.0\(3\)f3\(5\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\) < 7.0\(3\)f3\(5\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 36180yc-r Search vendor "Cisco" for product "Nexus 36180yc-r" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\) < 7.0\(3\)f3\(5\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\) < 7.0\(3\)f3\(5\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3636c-r Search vendor "Cisco" for product "Nexus 3636c-r" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\) < 7.0\(3\)f3\(5\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\) < 7.0\(3\)f3\(5\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9504 Search vendor "Cisco" for product "Nexus 9504" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\) < 7.0\(3\)f3\(5\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\) < 7.0\(3\)f3\(5\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9508 Search vendor "Cisco" for product "Nexus 9508" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.0\(3\) < 7.0\(3\)f3\(5\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\) < 7.0\(3\)f3\(5\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9516 Search vendor "Cisco" for product "Nexus 9516" | - | - |
Safe
|