CVE-2019-1605 : A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an aut

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary code as root. The vulnerability is due to incorrect input validation in the NX-API feature. An attacker could exploit this vulnerability by sending a crafted HTTP or HTTPS request to an internal service on an affected device that has the NX-API feature enabled. A successful exploit could allow the attacker to cause a buffer overflow and execute arbitrary code as root. Note: The NX-API feature is disabled by default. MDS 9000 Series Multilayer Switches are affected in versions prior to 8.1(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I4(8) and 7.0(3)I7(1). Nexus 3500 Platform Switches are affected in versions prior to 6.0(2)A8(8). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5). Nexus 2000, 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.3(2)N1(1). Nexus 7000 and 7700 Series Switches are affected in versions prior to 7.3(3)D1(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I4(8) and 7.0(3)I7(1). Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5).

Published 2019-03-08 20:29:00

Updated 2020-10-05 19:48:46

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: OverflowInput validationExecute code

Products affected by CVE-2019-1605

Cisco » Nx-os
Versions from including (>=) 7.2 and before (<) 7.3\(3\)d1\(1\)
cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Nexus 7000 » Version: N/A
When used together with: Cisco » Nexus 7700 » Version: N/A
Cisco » Nx-os
Versions from including (>=) 7.3 and before (<) 7.3\(2\)n1\(1\)
cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Nexus 2000 » Version: N/A
When used together with: Cisco » Nexus 5500 » Version: N/A
When used together with: Cisco » Nexus 5600 » Version: N/A
When used together with: Cisco » Nexus 6000 » Version: N/A
Cisco » Nx-os
Versions before (<) 7.0\(3\)i4\(8\)
cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Nexus 9000 » Version: N/A
Cisco » Nx-os
Versions from including (>=) 7.0\(3\)f1 and before (<) 7.0\(3\)f3\(5\)
cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Nexus 9500 » Version: N/A
Cisco » Nx-os
Versions from including (>=) 7.0\(3\)f3 and before (<) 7.0\(3\)f3\(5\)
cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Nexus 3600 » Version: N/A
Cisco » Nx-os
Versions before (<) 6.0\(2\)a8\(8\)
cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Nexus 3500 » Version: N/A
Cisco » Nx-os
Versions from including (>=) 7.0\(3\)i5 and before (<) 7.0\(3\)i7\(1\)
cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Nexus 3000 » Version: N/A
Cisco » Nx-os
Versions from including (>=) 7.3 and before (<) 8.1\(1\)
cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Mds 9000 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2019-1605

EPSS FAQ

0.19%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 39 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-1605

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.8	HIGH	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	Cisco Systems, Inc.
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2019-1605

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: ykramarz@cisco.com (Secondary)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2019-1605

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-api-ex

Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability
Patch;Vendor Advisory
http://www.securityfocus.com/bid/107313

Cisco NX-OS Software CVE-2019-1605 'NX-API' Arbitrary Code Execution Vulnerability
Third Party Advisory;VDB Entry

Jump to

Vulnerability Details : CVE-2019-1605

Products affected by CVE-2019-1605

Exploit prediction scoring system (EPSS) score for CVE-2019-1605

CVSS scores for CVE-2019-1605

CWE ids for CVE-2019-1605

References for CVE-2019-1605