CVE-2019-1784
Cisco NX-OS Software Command Injection Vulnerability
Severity Score
6.7
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
Una vulnerabilidad en la CLI del programa NX-OS de Cisco podría permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo Linux subyacente con el nivel de privilegio de raíz. La vulnerabilidad es debido a una insuficiente validación de los argumentos pasados ??a un comando CLI específico en el dispositivo afectado. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podría permitir al atacante realizar comandos arbitrarios sobre el sistema operativo Linux subyacente con elevados privilegios . Un atacante necesitaría credenciales de administrador válidas para aprovechar esta vulnerabilidad.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-12-06 CVE Reserved
- 2019-05-15 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
- CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/108369 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.3\(5\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " < 7.3\(5\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5548p Search vendor "Cisco" for product "Nexus 5548p" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.3\(5\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " < 7.3\(5\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5548up Search vendor "Cisco" for product "Nexus 5548up" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.3\(5\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " < 7.3\(5\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5596t Search vendor "Cisco" for product "Nexus 5596t" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.3\(5\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " < 7.3\(5\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5596up Search vendor "Cisco" for product "Nexus 5596up" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.3\(5\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " < 7.3\(5\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 56128p Search vendor "Cisco" for product "Nexus 56128p" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.3\(5\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " < 7.3\(5\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5624q Search vendor "Cisco" for product "Nexus 5624q" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.3\(5\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " < 7.3\(5\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5648q Search vendor "Cisco" for product "Nexus 5648q" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.3\(5\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " < 7.3\(5\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5672up Search vendor "Cisco" for product "Nexus 5672up" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.3\(5\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " < 7.3\(5\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5696q Search vendor "Cisco" for product "Nexus 5696q" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.3\(5\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " < 7.3\(5\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 6001 Search vendor "Cisco" for product "Nexus 6001" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 7.3\(5\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version " < 7.3\(5\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 6004 Search vendor "Cisco" for product "Nexus 6004" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.2 < 7.3\(3\)d1\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.2 < 7.3\(3\)d1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | 7000 Search vendor "Cisco" for product "7000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 7.2 < 7.3\(3\)d1\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.2 < 7.3\(3\)d1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | 7700 Search vendor "Cisco" for product "7700" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 8.0 < 8.2\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 8.0 < 8.2\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | 7000 Search vendor "Cisco" for product "7000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 8.0 < 8.2\(3\) Search vendor "Cisco" for product "Nx-os" and version " >= 8.0 < 8.2\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | 7700 Search vendor "Cisco" for product "7700" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 8.3 < 8.3\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 8.3 < 8.3\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | 7000 Search vendor "Cisco" for product "7000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | >= 8.3 < 8.3\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 8.3 < 8.3\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | 7700 Search vendor "Cisco" for product "7700" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 4.0\(1a\) Search vendor "Cisco" for product "Nx-os" and version " < 4.0\(1a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ucs 6248up Search vendor "Cisco" for product "Ucs 6248up" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 4.0\(1a\) Search vendor "Cisco" for product "Nx-os" and version " < 4.0\(1a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ucs 6296up Search vendor "Cisco" for product "Ucs 6296up" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 4.0\(1a\) Search vendor "Cisco" for product "Nx-os" and version " < 4.0\(1a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ucs 6324 Search vendor "Cisco" for product "Ucs 6324" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 4.0\(1a\) Search vendor "Cisco" for product "Nx-os" and version " < 4.0\(1a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ucs 6332 Search vendor "Cisco" for product "Ucs 6332" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | < 4.0\(1a\) Search vendor "Cisco" for product "Nx-os" and version " < 4.0\(1a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ucs 6332-16up Search vendor "Cisco" for product "Ucs 6332-16up" | - | - |
Safe
|