CVE-2019-1604

{"id": "CVE-2019-1604", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.3}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2019-03-08T19:29:00.407", "references": [{"url": "http://www.securityfocus.com/bid/107323", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-privesca", "tags": ["Patch", "Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-863"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-285"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the user account management interface of Cisco NX-OS Software could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to an incorrect authorization check of user accounts and their associated Group ID (GID). An attacker could exploit this vulnerability by taking advantage of a logic error that will permit the use of higher privileged commands than what is necessarily assigned. A successful exploit could allow an attacker to execute commands with elevated privileges on the underlying Linux shell of an affected device. Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(22), 8.2(3), and 8.3(2). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5). Nexus 9000 Series Switches-Standalone are affected in versions prior to 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5)."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de gesti\u00f3n de cuentas de usuario del software NX-OS de Cisco podr\u00eda permitir a un atacante local autenticado obtener privilegios escalados en un dispositivo afectado. La vulnerabilidad se deba a una comprobaci\u00f3n de autorizaci\u00f3n incorrecta de las cuentas de usuario y su grupo ID asociado (GID). Un atacante podr\u00eda explotar esta vulnerabilidad, aprovechando un error de l\u00f3gica que permite el uso de comandos con privilegios m\u00e1s altos de los que est\u00e1n necesariamente asignados. Si se explota esta vulnerabilidad con \u00e9xito, el atacante podr\u00eda ejecutar comandos con privilegios elevados en el shell Linux subyacente de un dispositivo afectado. Los switches de Nexus, en sus series 7000 y 7700, se ven afectados en versiones anteriores a las 6.2(22), 8.2(3) y 8.3(2). Los switches de Nexus 3000 Series se ven afectados en versiones anteriores a la 7.0(3)I7(4). Los switches de Nexus 3500 Platform se ven afectados en versiones anteriores a la 7.0(3)I7(4). Los switches de Nexus 3600 Platform se ven afectados en versiones anteriores a la 7.0(3)F3(5). Los switches de Nexus 9000 Series-Standalone se ven afectados en versiones anteriores a la 7.0(3)I7(4). Los switches de 9500 R-Series Line Cards y Fabric Modules se ven afectados en versiones anteriores a la 7.0(3)F3(5)."}], "lastModified": "2020-10-05T19:43:15.327", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0E72727-2F90-4236-8059-14C3A5EB100D", "versionEndExcluding": "7.0\\(3\\)i7\\(4\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB"}, {"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293"}, {"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAB74D2E-06DD-4899-9262-64AAC104A992", "versionEndExcluding": "7.0\\(3\\)f3\\(5\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F"}, {"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1F66B82-F5C0-46EB-BD0E-0D583699D091", "versionEndExcluding": "8.3\\(2\\)", "versionStartExcluding": "8.2\\(3\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3"}, {"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80EE59CF-53C9-4264-9012-29632C344259", "versionEndExcluding": "8.2\\(3\\)", "versionStartExcluding": "6.22\\(22\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3"}, {"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", "versionEndExcluding": "6.2\\(22\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3"}, {"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}