CVE-2019-1810

Cisco Nexus 3000 Series and 9000 Series Switches in NX-OS Mode CLI Command Software Image Signature Verification Vulnerability

Severity Score

6.7

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco Nexus 3000 Series and 9000 Series Switches could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device. Note: If the device has not been patched for the vulnerability previously disclosed in the Cisco Security Advisory cisco-sa-20190306-nxos-sig-verif, a successful exploit could allow the attacker to boot a malicious software image.

Una vulnerabilidad en la función Image Signature Verification utilizada en un comando CLI de NX-OS en los switches de las series Nexus 3000 y 9000 de Cisco podría permitir a un atacante local autenticado con credenciales de administrador para instalar una imagen de programa malicioso en un dispositivo afectado. La vulnerabilidad se debe a que las firmas digitales del programa no se verifican correctamente durante la ejecución del comando CLI. Un atacante podría aprovechar esta vulnerabilidad para instalar una imagen de programa sin firmar en un dispositivo afectado. Nota: Si el dispositivo no ha sido parchado para la vulnerabilidad descrita anteriormente en el Aviso de seguridad de Cisco cisco-sa-20190306-nxos-sig-verif, un ataque exitoso podría permitir al atacante iniciar una imagen de programa malicioso.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-12-06 CVE Reserved
2019-05-15 CVE Published
2023-03-08 EPSS Updated
2024-09-16 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-347: Improper Verification of Cryptographic Signature

CAPEC

References (2)

URL	Tag	Source
http://www.securityfocus.com/bid/108431	Broken Link

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv	2023-03-24

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 6.1\(2\)i3\(4\) < 7.0\(3\)i7\(5\) Search vendor "Cisco" for product "Nx-os" and version " >= 6.1\(2\)i3\(4\) < 7.0\(3\)i7\(5\)"	-	Affected	in	Cisco Search vendor "Cisco"	N3k-c3164q Search vendor "Cisco" for product "N3k-c3164q"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 7.0\(3\)i7\(5a\) < 9.2\(2\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7\(5a\) < 9.2\(2\)"	-	Affected	in	Cisco Search vendor "Cisco"	N3k-c3164q Search vendor "Cisco" for product "N3k-c3164q"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 7.0\(3\)i3\(1\) < 7.0\(3\)i7\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i3\(1\) < 7.0\(3\)i7\(1\)"	-	Affected	in	Cisco Search vendor "Cisco"	N3k-c3232c Search vendor "Cisco" for product "N3k-c3232c"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 7.0\(3\)i7\(2\) < 9.2\(1\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7\(2\) < 9.2\(1\)"	-	Affected	in	Cisco Search vendor "Cisco"	N3k-c3232c Search vendor "Cisco" for product "N3k-c3232c"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 7.0\(3\)i4\(1\) < 7.0\(3\)i7\(5\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i4\(1\) < 7.0\(3\)i7\(5\)"	-	Affected	in	Cisco Search vendor "Cisco"	N9k-c92304qc Search vendor "Cisco" for product "N9k-c92304qc"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 7.0\(3\)i7\(5a\) < 9.2\(2\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7\(5a\) < 9.2\(2\)"	-	Affected	in	Cisco Search vendor "Cisco"	N9k-c92304qc Search vendor "Cisco" for product "N9k-c92304qc"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 7.0\(3\)i4\(2\) < 7.0\(3\)i7\(5\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i4\(2\) < 7.0\(3\)i7\(5\)"	-	Affected	in	Cisco Search vendor "Cisco"	N9k-c9232c Search vendor "Cisco" for product "N9k-c9232c"	-	-	Safe
Cisco Search vendor "Cisco"	Nx-os Search vendor "Cisco" for product "Nx-os"	>= 7.0\(3\)i7\(5a\) < 9.2\(2\) Search vendor "Cisco" for product "Nx-os" and version " >= 7.0\(3\)i7\(5a\) < 9.2\(2\)"	-	Affected	in	Cisco Search vendor "Cisco"	N9k-c9232c Search vendor "Cisco" for product "N9k-c9232c"	-	-	Safe