CVE-2019-1768 : A vulnerability in the implementation of a specific CLI command for Cisco NX-OS

A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities.

Published 2019-05-16 02:29:00

Updated 2020-10-16 15:31:09

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: Overflow

Products affected by CVE-2019-1768

Cisco » Nx-os
Versions before (<) 8.3\(1\)
cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Nexus 3016 » Version: N/A
When used together with: Cisco » Nexus 3048 » Version: N/A
When used together with: Cisco » Nexus 3064 » Version: N/A
When used together with: Cisco » Nexus 3064-t » Version: N/A
When used together with: Cisco » Nexus 31108pc-v » Version: N/A
When used together with: Cisco » Nexus 31108tc-v » Version: N/A
When used together with: Cisco » Nexus 31128pq » Version: N/A
When used together with: Cisco » Nexus 3132c-z » Version: N/A
When used together with: Cisco » Nexus 3132q » Version: N/A
When used together with: Cisco » Nexus 3132q-v » Version: N/A
When used together with: Cisco » Nexus 3132q-xl » Version: N/A
When used together with: Cisco » Nexus 3164q » Version: N/A
When used together with: Cisco » Nexus 3172 » Version: N/A
When used together with: Cisco » Nexus 3172pq-xl » Version: N/A
When used together with: Cisco » Nexus 3172tq » Version: N/A
When used together with: Cisco » Nexus 3172tq-32t » Version: N/A
When used together with: Cisco » Nexus 3172tq-xl » Version: N/A
When used together with: Cisco » Nexus 3232c » Version: N/A
When used together with: Cisco » Nexus 3264c-e » Version: N/A
When used together with: Cisco » Nexus 3264q » Version: N/A
When used together with: Cisco » Nexus 3408-s » Version: N/A
When used together with: Cisco » Nexus 34180yc » Version: N/A
When used together with: Cisco » Nexus 3432d-s » Version: N/A
When used together with: Cisco » Nexus 3464c » Version: N/A
When used together with: Cisco » Nexus 3524 » Version: N/A
When used together with: Cisco » Nexus 3524-x » Version: N/A
When used together with: Cisco » Nexus 3524-xl » Version: N/A
When used together with: Cisco » Nexus 3548 » Version: N/A
When used together with: Cisco » Nexus 3548-x » Version: N/A
When used together with: Cisco » Nexus 3548-xl » Version: N/A
When used together with: Cisco » Nexus 36180yc-r » Version: N/A
When used together with: Cisco » Nexus 3636c-r » Version: N/A
When used together with: Cisco » Nexus 9000v » Version: N/A
When used together with: Cisco » Nexus 92160yc-x » Version: N/A
When used together with: Cisco » Nexus 92300yc » Version: N/A
When used together with: Cisco » Nexus 92304qc » Version: N/A
When used together with: Cisco » Nexus 92348gc-x » Version: N/A
When used together with: Cisco » Nexus 9236c » Version: N/A
When used together with: Cisco » Nexus 9272q » Version: N/A
When used together with: Cisco » Nexus 93108tc-ex » Version: N/A
When used together with: Cisco » Nexus 93108tc-fx » Version: N/A
When used together with: Cisco » Nexus 93120tx » Version: N/A
When used together with: Cisco » Nexus 93128tx » Version: N/A
When used together with: Cisco » Nexus 93180lc-ex » Version: N/A
When used together with: Cisco » Nexus 93180yc-ex » Version: N/A
When used together with: Cisco » Nexus 93180yc-fx » Version: N/A
When used together with: Cisco » Nexus 93216tc-fx2 » Version: N/A
When used together with: Cisco » Nexus 93240yc-fx2 » Version: N/A
When used together with: Cisco » Nexus 9332c » Version: N/A
When used together with: Cisco » Nexus 9332pq » Version: N/A
When used together with: Cisco » Nexus 93360yc-fx2 » Version: N/A
When used together with: Cisco » Nexus 9336c-fx2 » Version: N/A
When used together with: Cisco » Nexus 9336pq Aci Spine » Version: N/A
When used together with: Cisco » Nexus 9348gc-fxp » Version: N/A
When used together with: Cisco » Nexus 9364c » Version: N/A
When used together with: Cisco » Nexus 9372px » Version: N/A
When used together with: Cisco » Nexus 9372px-e » Version: N/A
When used together with: Cisco » Nexus 9372tx » Version: N/A
When used together with: Cisco » Nexus 9372tx-e » Version: N/A
When used together with: Cisco » Nexus 9396px » Version: N/A
When used together with: Cisco » Nexus 9396tx » Version: N/A
When used together with: Cisco » Nexus 9504 » Version: N/A
When used together with: Cisco » Nexus 9508 » Version: N/A
When used together with: Cisco » Nexus 9516 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2019-1768

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 6 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-1768

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
6.7	MEDIUM	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	0.8	5.9	Cisco Systems, Inc.
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
6.7	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	0.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2019-1768

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Assigned by: nvd@nist.gov (Primary)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: ykramarz@cisco.com (Secondary)

References for CVE-2019-1768

http://www.securityfocus.com/bid/108386

Cisco NX-OS Software Local Buffer Overflow and Command Injection Vulnerabilities
Third Party Advisory;VDB Entry

CVEs referencing this url
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj

Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2019-1768

Products affected by CVE-2019-1768

Exploit prediction scoring system (EPSS) score for CVE-2019-1768

CVSS scores for CVE-2019-1768

CWE ids for CVE-2019-1768

References for CVE-2019-1768