-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2019.1756.4
                   Cisco NX-OS Software Vulnerabilities
                               18 July 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco NX-OS Software
Publisher:         Cisco Systems
Operating System:  Cisco
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Increased Privileges            -- Existing Account
                   Access Privileged Data          -- Existing Account
                   Overwrite Arbitrary Files       -- Existing Account
                   Cross-site Scripting            -- Existing Account
                   Unauthorised Access             -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-1813 CVE-2019-1812 CVE-2019-1811
                   CVE-2019-1809 CVE-2019-1795 CVE-2019-1791
                   CVE-2019-1790 CVE-2019-1784 CVE-2019-1783
                   CVE-2019-1782 CVE-2019-1781 CVE-2019-1780
                   CVE-2019-1779 CVE-2019-1778 CVE-2019-1776
                   CVE-2019-1775 CVE-2019-1774 CVE-2019-1770
                   CVE-2019-1769 CVE-2019-1768 CVE-2019-1767
                   CVE-2019-1735 CVE-2019-1733 CVE-2019-1732
                   CVE-2019-1731 CVE-2019-1730 CVE-2019-1729
                   CVE-2019-1727 CVE-2019-1726 

Original Bulletin: 
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-file-write
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cli-bypass
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1770
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1778
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1783
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmd-inject-1784
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1791
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-linecardinj-1769
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-nxapi-xss
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-psvb
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-pyth-escal
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-rpm-injec
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info

Revision History:  July 18 2019: Updated cisco-sa-20190515-nxos-cmdinj-1776/cisco-sa-20190515-nxos-cmdinj-1783/cisco-sa-20190515-nxos-cmd-inject-1784 to v1.1
                   May  21 2019: Updated cisco-sa-20190515-nxos-bash-bypass to v1.1
                   May  17 2019: Updated cisco-sa-20190515-nxos-ssh-info to v1.1
                   May  16 2019: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-sisv2

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

CVE-2019-1811    
CVE-2019-1812    
CVE-2019-1813    

CWE-347

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o Multiple vulnerabilities in the Image Signature Verification feature of
    Cisco NX-OS Software could allow an authenticated, local attacker with
    administrator-level credentials to install a malicious software image on an
    affected device.

    The vulnerabilities exist because software digital signatures are not
    properly verified during CLI command execution. An attacker could exploit
    these vulnerabilities to install an unsigned software image on an affected
    device.

    Note: If the device has not been patched for the vulnerability previously
    disclosed in the Cisco Security Advisory cisco-sa-20190306-nxos-sig-verif,
    a successful exploit could allow the attacker to boot a malicious software
    image.

    Cisco has released software updates that address these vulnerabilities.
    There are no workarounds that address these vulnerabilities.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-sisv2

Affected Products

  o Vulnerable Products

    These vulnerabilities affect the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    Note: For the Nexus 3000 Series Switches, only a subset of products
    supports image signature verification. The following Nexus 3000 Series
    product IDs (PIDs) are affected by these vulnerabilities:

       N3K-C31108PC-V
       N3K-C31108TC-V
       N3K-C31128PQ-10GE
       N3K-C3132C-Z
       N3K-C3164Q-40GE
       N3K-C3232C
       N3K-C3264C-E
       N3K-C3264Q
       N3K-C34180YC
       N3K-C3432D-I
       N3K-C3464C

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Determining the Cisco NX-OS Product ID

    To check the PID, administrators can use the show inventory command in the
    device CLI. The following example shows the output of the command for a
    device that has the PID N3K-C3232C:

        switch# show inventory
                NAME: "Chassis",  DESCR: "Nexus3000 C3232C Chassis"
                PID: N3K-C3232C          ,  VID: V02 ,  SN: FOC20291JA0

                NAME: "Slot 1",  DESCR: "32x40/100G QSFP28 2x10G SFP+ Ethernet Module"
                PID: N3K-C3232C          ,  VID: V02 ,  SN: FOC20291JA0

                NAME: "Power Supply 1",  DESCR: "Nexus3000 C3232C Chassis Power Supply"
                PID: NXA-PAC-650W-PI     ,  VID: V01 ,  SN: LIT20362Z6G  
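The PID check above is easy to automate across a fleet. The following Python script is an added example (not Cisco's code and not part of the advisory): it parses the two-line NAME/PID entries of `show inventory` output, extracts the chassis PID, and tests it against the Nexus 3000 PID list given in this advisory. The sample text is the advisory's own example output; the regular expressions and the entry layout they assume (a NAME/DESCR line followed by a PID/VID/SN line) are assumptions made here.

```python
"""Added example: match the chassis PID from `show inventory` against the
Nexus 3000 PIDs listed in cisco-sa-20190515-nxos-sisv2. Not Cisco code."""
import re

# PIDs the advisory lists as affected (Nexus 3000 Series only).
AFFECTED_N3K_PIDS = {
    "N3K-C31108PC-V", "N3K-C31108TC-V", "N3K-C31128PQ-10GE", "N3K-C3132C-Z",
    "N3K-C3164Q-40GE", "N3K-C3232C", "N3K-C3264C-E", "N3K-C3264Q",
    "N3K-C34180YC", "N3K-C3432D-I", "N3K-C3464C",
}

# Assumed layout: NAME: "..." on one line, PID: <value> , VID: ... on the next.
_NAME_RE = re.compile(r'NAME:\s*"([^"]*)"')
_PID_RE = re.compile(r"PID:\s*(\S+)\s*,")


def parse_inventory(text):
    """Return {inventory NAME: PID} for every entry in the output.

    The PID field is padded with spaces before the comma; the regex strips
    that padding so the value compares cleanly against the advisory list.
    """
    entries = {}
    current = None
    for line in text.splitlines():
        name = _NAME_RE.search(line)
        if name:
            current = name.group(1)
            continue
        pid = _PID_RE.search(line)
        if pid and current is not None:
            entries[current] = pid.group(1)
            current = None
    return entries


def chassis_pid(text):
    """PID of the "Chassis" entry, or None if the output has no such entry."""
    return parse_inventory(text).get("Chassis")


def is_affected_pid(text):
    """True when the chassis PID is one the advisory lists as affected."""
    return chassis_pid(text) in AFFECTED_N3K_PIDS


# Sample input: the `show inventory` output shown in the advisory.
SAMPLE = """\
NAME: "Chassis",  DESCR: "Nexus3000 C3232C Chassis"
PID: N3K-C3232C          ,  VID: V02 ,  SN: FOC20291JA0

NAME: "Slot 1",  DESCR: "32x40/100G QSFP28 2x10G SFP+ Ethernet Module"
PID: N3K-C3232C          ,  VID: V02 ,  SN: FOC20291JA0

NAME: "Power Supply 1",  DESCR: "Nexus3000 C3232C Chassis Power Supply"
PID: NXA-PAC-650W-PI     ,  VID: V01 ,  SN: LIT20362Z6G
"""

if __name__ == "__main__":
    print("chassis PID:", chassis_pid(SAMPLE))
    print("listed as affected:", is_affected_pid(SAMPLE))
```

Feed the script the saved output of `show inventory` from each switch; only the chassis entry decides the result, since the advisory's list is of chassis PIDs, and a PID that is not in the list is reported as not affected even when the device is a Nexus 3000.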


    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by these vulnerabilities.

    Cisco has confirmed that these vulnerabilities do not affect the following
    Cisco products:
       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 3500 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address these vulnerabilities.

Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    Customers are advised to upgrade to an appropriate release as indicated in
    the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for these vulnerabilities.

    Note: A complete fix for these vulnerabilities requires that a proper BIOS
    version is installed. Customers who are running an affected product that is
    listed in the previously disclosed Cisco advisory
    cisco-sa-20190306-nxos-sig-verif may not have upgraded the BIOS when the
    software was installed even if they are running a fixed software release.
    Customers are advised to confirm that the BIOS is running a fixed BIOS
    version (first fixed or later) as described in the previously disclosed
    advisory.

    Nexus 3000 Series Switches: CSCvj14182, CSCvj14106, CSCvj14093

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    Prior to 6.0(2)              Not vulnerable
    6.0(2)                       Not vulnerable
    Prior to 7.0(3)I4            7.0(3)I7(5)
    7.0(3)I4                     7.0(3)I7(5)
    7.0(3)I5                     7.0(3)I7(5)
    7.0(3)I6                     7.0(3)I7(5)
    7.0(3)I7                     7.0(3)I7(5)
    9.2                          9.2(2)


    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvk53256, CSCvk53227, CSCvk53125


    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    7.0(3)F3                     7.0(3)F3(5)
    9.2                          9.2(2)


    Nexus 9000 Series Switches in Standalone NX-OS Mode: CSCvj14182,
    CSCvj14106, CSCvj14093


    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    Prior to 7.0(3)I4            7.0(3)I7(5)
    7.0(3)I4                     7.0(3)I7(5)
    7.0(3)I5                     7.0(3)I7(5)
    7.0(3)I6                     7.0(3)I7(5)
    7.0(3)I7                     7.0(3)I7(5)
    9.2                          9.2(2)
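Reading these tables by hand is error-prone because NX-OS release strings such as 7.0(3)I7(5) do not sort as plain text. The following Python script is an added example (not Cisco's code and not part of the advisory): it parses a release string into comparable components, maps a running release onto the matching table row (exact train rows first, then the "Prior to" rows), and reports the first fixed release and whether the running release already contains the fix. The table is the Nexus 3000 table transcribed from this advisory; the release-string grammar and the row-matching rules are assumptions made here and should be checked against any release format not shown in the advisory.

```python
"""Added example: look up a running NX-OS release in the advisory's
"First Fixed Release" table (cisco-sa-20190515-nxos-sisv2). Not Cisco code."""
import re

# Assumed grammar: MAJOR.MINOR[(MAINT)][TRAIN N[(REBUILD)]], e.g. 7.0(3)I7(5),
# 7.0(3)F3(5), 9.2(2), 6.0(2). Anything else is rejected rather than guessed.
_RELEASE_RE = re.compile(
    r"^(\d+)\.(\d+)(?:\((\d+)\))?(?:([A-Z]+)(\d+)(?:\((\d+)\))?)?$"
)


def parse_release(text):
    """Split a release string into six components; absent parts are None."""
    m = _RELEASE_RE.match(text.strip())
    if not m:
        raise ValueError("unrecognised NX-OS release string: %r" % text)
    major, minor, maint, train, train_num, rebuild = m.groups()
    return (int(major), int(minor),
            None if maint is None else int(maint),
            train,
            None if train_num is None else int(train_num),
            None if rebuild is None else int(rebuild))


def sort_key(release):
    """Comparable key; absent components sort as 0 or the empty string."""
    c = parse_release(release)
    return (c[0], c[1], c[2] or 0, c[3] or "", c[4] or 0, c[5] or 0)


def matches_train(row_release, running):
    """True when every component the table row specifies equals the running one.

    A row such as "7.0(3)I7" therefore covers 7.0(3)I7(4), and "9.2" covers 9.2(1).
    """
    row = parse_release(row_release)
    run = parse_release(running)
    return all(r is None or r == x for r, x in zip(row, run))


# The Nexus 3000 Series table from the advisory, as (row, first fixed release).
NEXUS_3000_TABLE = [
    ("Prior to 6.0(2)", "Not vulnerable"),
    ("6.0(2)", "Not vulnerable"),
    ("Prior to 7.0(3)I4", "7.0(3)I7(5)"),
    ("7.0(3)I4", "7.0(3)I7(5)"),
    ("7.0(3)I5", "7.0(3)I7(5)"),
    ("7.0(3)I6", "7.0(3)I7(5)"),
    ("7.0(3)I7", "7.0(3)I7(5)"),
    ("9.2", "9.2(2)"),
]


def first_fixed(table, running):
    """Return the table's "First Fixed Release" entry for the running release."""
    # Exact train rows first, so 7.0(3)I7(4) lands on "7.0(3)I7", not "Prior to".
    for row, fixed in table:
        if not row.startswith("Prior to") and matches_train(row, running):
            return fixed
    # Then the "Prior to X" rows, smallest bound first.
    prior = [(row[len("Prior to"):].strip(), fixed)
             for row, fixed in table if row.startswith("Prior to")]
    for bound, fixed in sorted(prior, key=lambda p: sort_key(p[0])):
        if sort_key(running) < sort_key(bound):
            return fixed
    raise LookupError("release %s is not covered by the table" % running)


def is_fixed(table, running):
    """True when the running release already contains the fix."""
    fixed = first_fixed(table, running)
    if fixed == "Not vulnerable":
        return True
    return sort_key(running) >= sort_key(fixed)


if __name__ == "__main__":
    for rel in ("7.0(3)I7(4)", "7.0(3)I7(5)", "9.2(1)", "6.0(2)U6(1)"):
        print(rel, "->", first_fixed(NEXUS_3000_TABLE, rel),
              "fixed" if is_fixed(NEXUS_3000_TABLE, rel) else "UPGRADE")
```

The same functions work for the Nexus 3600/9500 R-Series and Nexus 9000 tables once those rows are transcribed. Note that a release reported as fixed here still needs the BIOS check described in the note above, which this lookup does not cover.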

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerabilities that are
    described in this advisory.

Source

  o These vulnerabilities were found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-sisv2

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Arbitrary File Overwrite Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-file-write

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvh76022 CSCvj03856

CVE-2019-1729    

CWE-20

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI implementation of a specific command used for
    image maintenance for Cisco NX-OS Software could allow an authenticated,
    local attacker to overwrite any file on the file system, including system
    files. These file overwrites by the attacker are accomplished at the root
    privilege level.

    The vulnerability occurs because there is no verification of user-input
    parameters and/or no digital-signature verification for image files when
    using a specific CLI command. An attacker could exploit this vulnerability
    by authenticating to the device and issuing a command at the CLI. Because
    an exploit could allow the attacker to overwrite any file on the disk,
    including system files, a denial of service (DoS) condition could occur.
    The attacker must have valid administrator credentials for the affected
    device to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-file-write

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh76022

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvj03856

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-file-write

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-bash-bypass

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvh76090 CSCvj01472 CSCvj01497

CVE-2019-1730    

CWE-264

CVSS Score:
6.0  AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the Bash shell implementation for Cisco NX-OS Software
    could allow an authenticated, local attacker to bypass the limited command
    set of the restricted Guest Shell and execute commands at the privilege
    level of a network-admin user outside of the Guest Shell. The attacker must
    authenticate with valid administrator device credentials.

    The vulnerability is due to the incorrect implementation of a CLI command
    that allows a Bash command to be incorrectly invoked on the Guest Shell
    CLI. An attacker could exploit this vulnerability by authenticating to the
    device and entering a crafted command at the Guest Shell prompt. A
    successful exploit could allow the attacker to issue commands that should
    be restricted by a Guest Shell account.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-bash-bypass

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Details

  o In addition to the NX-OS CLI, Cisco NX-OS Software can support access to
    the Bash shell, which interprets commands that a user enters or that are
    read from a shell script. Bash enables access to and is used to manage the
    underlying Linux system on the device. In Cisco NX-OS Software, the Bash
    shell is accessible from user accounts that are associated with the Cisco
    NX-OS dev-ops role or the Cisco NX-OS network-admin role.

    For additional information, customers can refer to the Bash chapter of the
    Cisco NX-OS Programmability Guide.

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh76090

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I2              Not vulnerable
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvj01497

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Nexus 7000 and 7700 Series Switches: CSCvj01472

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 8.3                   8.3(1)
    8.3                            8.3(1)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-bash-bypass

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-overflow-inj

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvh76129 CSCvh76132 CSCvj00497 CSCvj10162

CVE-2019-1767    
CVE-2019-1768    

CWE-119
CWE-77

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o Multiple vulnerabilities in the implementation of a specific CLI command
    for Cisco NX-OS Software could allow an authenticated, local attacker with
    administrator credentials to cause a buffer overflow condition or perform
    command injection. This could allow the attacker to execute arbitrary
    commands with elevated privileges on the underlying operating system of an
    affected device.

    The vulnerabilities are due to insufficient validation of arguments passed
    to a certain CLI command. An attacker could exploit these vulnerabilities
    by including malicious input as the argument of the affected CLI command. A
    successful exploit could allow the attacker to execute arbitrary commands
    on the underlying operating system with root privileges. An attacker would
    need valid administrator credentials to exploit these vulnerabilities.

    Cisco has released software updates that address these vulnerabilities.
    There are no workarounds that address these vulnerabilities.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-overflow-inj

Affected Products

  o Vulnerable Products

    These vulnerabilities affect the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by these vulnerabilities.

    Cisco has confirmed that these vulnerabilities do not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address these vulnerabilities.

Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for these vulnerabilities.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh76132 and CSCvh76129

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    Prior to 7.0(3)I4            7.0(3)I4(8)
    7.0(3)I4                     7.0(3)I4(8)
    7.0(3)I7                     7.0(3)I7(3)
    9.2(1)                       Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvj00497 and CSCvj10162

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    7.0(3)                       7.0(3)F3(5)
    9.2                          Not vulnerable


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerabilities that are
    described in this advisory.

Source

  o These vulnerabilities were found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-overflow-inj

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software CLI Bypass to Internal Service Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cli-bypass

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

CVE-2019-1726    

CWE-20

CVSS Score:
5.3  AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to access internal services that should be
    restricted on an affected device, such as the NX-API.

    The vulnerability is due to insufficient validation of arguments passed to
    a certain CLI command. An attacker could exploit this vulnerability by
    including malicious input as the argument to the affected command. A
    successful exploit could allow the attacker to bypass intended restrictions
    and access internal services of the device. An attacker would need valid
    device credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cli-bypass

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       MDS 9000 Series Multilayer Switches
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    MDS 9000 Series Multilayer Switches: CSCvi99248

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    5.2                            6.2(25)
    6.2                            6.2(25)
    7.3                            8.3(2)
    8.1                            8.3(2)
    8.2                            8.3(2)
    8.3                            8.3(2)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvh24771

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I7              7.0(3)I7(3)
    7.0(3)I7                       7.0(3)I7(3)
    9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvi99250

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.0(2)A8              6.0(2)A8(11)
    6.0(2)A8                       6.0(2)A8(11)
    7.0(3)                         7.0(3)I7(3)
    9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvi99247

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         9.2(1)
    9.2                            9.2(1)

    Nexus 5500, 5600, and 6000 Series Switches: CSCvi99251

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvi99248

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   6.2(22)
    6.2                            6.2(22)
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.3(2)
    8.1                            8.3(2)
    8.2                            8.3(2)
    8.3                            8.3(2)

    UCS 6200, 6300, and 6400 Series Fabric Interconnects: CSCvi99252 and 
    CSCvn11851

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 4.0                   4.0(1d)
    4.0                            4.0(1d)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cli-bypass

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774,
CVE-2019-1775)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1774-1775

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvh75895 CSCvh75909 CSCvh75968 CSCvh75976 CSCvi92256
                 CSCvi92258 CSCvi92260 CSCvi99195 CSCvi99197 CSCvi99198

CVE-2019-1774    
CVE-2019-1775    

CWE-78

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o Multiple vulnerabilities in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to execute arbitrary commands on the
    underlying operating system of an affected device.

    These vulnerabilities are due to insufficient validation of arguments
    passed to certain CLI commands. An attacker could exploit these
    vulnerabilities by including malicious input as the argument of an affected
    command. A successful exploit could allow the attacker to execute arbitrary
    commands on the underlying operating system with elevated privileges. An
    attacker would need valid administrator credentials to exploit these
    vulnerabilities.

    Cisco has released software updates that address these vulnerabilities.
    There are no workarounds that address these vulnerabilities.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1774-1775

Affected Products

  o Vulnerable Products

    These vulnerabilities affect the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

       MDS 9000 Series Multilayer Switches
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by these vulnerabilities.

    Cisco has confirmed that these vulnerabilities do not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Platform columns: FP 4100/9300; MDS 9K/N7K/N7700 (see note 1); N1000V MS/VM;
    N3K/N3500/N9K-NXOS; N3600/N9500R; N5500/N5600/N6K; UCS 6200/6300/6400 (see
    note 2). N/A means the platform is not affected by that vulnerability.

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)
      FP 4100/9300:            N/A
      MDS 9K/N7K/N7700 ^1:     CSCvj63728
      N1000V MS/VM:            CSCvk52969, CSCvk52985
      N3K/N3500/N9K-NXOS:      CSCvj63877, CSCvk52971
      N3600/N9500R:            CSCvk52988
      N5500/N5600/N6K:         CSCvk52972
      UCS 6200/6300/6400 ^2:   CSCvk52975

    Cisco NX-OS Software Line Card Command Injection Vulnerability (CVE-2019-1769)
      FP 4100/9300:            N/A
      MDS 9K/N7K/N7700 ^1:     N/A
      N1000V MS/VM:            N/A
      N3K/N3500/N9K-NXOS:      CSCvh20032
      N3600/N9500R:            CSCvj00299
      N5500/N5600/N6K:         N/A
      UCS 6200/6300/6400 ^2:   N/A

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1770)
      FP 4100/9300:            N/A
      MDS 9K/N7K/N7700 ^1:     CSCvh75867 ^1
      N1000V MS/VM:            CSCvi92240, CSCvk36294
      N3K/N3500/N9K-NXOS:      CSCvh75958, CSCvi92242
      N3600/N9500R:            CSCvi92239
      N5500/N5600/N6K:         CSCvi92243
      UCS 6200/6300/6400 ^2:   N/A

    Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774,
    CVE-2019-1775)
      FP 4100/9300:            N/A
      MDS 9K/N7K/N7700 ^1:     CSCvh75895, CSCvh75909
      N1000V MS/VM:            N/A
      N3K/N3500/N9K-NXOS:      CSCvh75968, CSCvh75976, CSCvi99197, CSCvi92258
      N3600/N9500R:            CSCvi99195, CSCvi92256
      N5500/N5600/N6K:         CSCvi99198, CSCvi92260
      UCS 6200/6300/6400 ^2:   N/A

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)
      FP 4100/9300:            N/A
      MDS 9K/N7K/N7700 ^1:     CSCvh20081
      N1000V MS/VM:            N/A
      N3K/N3500/N9K-NXOS:      CSCvh20076, CSCvi96431
      N3600/N9500R:            CSCvi96429
      N5500/N5600/N6K:         CSCvi96432
      UCS 6200/6300/6400 ^2:   CSCvi96433 ^2

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778)
      FP 4100/9300:            N/A
      MDS 9K/N7K/N7700 ^1:     N/A
      N1000V MS/VM:            N/A
      N3K/N3500/N9K-NXOS:      CSCvh75996
      N3600/N9500R:            CSCvj03877
      N5500/N5600/N6K:         N/A
      UCS 6200/6300/6400 ^2:   N/A

    Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1779)
      FP 4100/9300:            CSCvj00418
      MDS 9K/N7K/N7700 ^1:     CSCve51688
      N1000V MS/VM:            N/A
      N3K/N3500/N9K-NXOS:      CSCvh76126
      N3600/N9500R:            CSCvj00412
      N5500/N5600/N6K:         CSCvj00416
      UCS 6200/6300/6400 ^2:   N/A

    Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)
      FP 4100/9300:            CSCvi92332
      MDS 9K/N7K/N7700 ^1:     CSCvi01440
      N1000V MS/VM:            N/A
      N3K/N3500/N9K-NXOS:      CSCvi01431, CSCvi92328
      N3600/N9500R:            CSCvi92326
      N5500/N5600/N6K:         CSCvi92329
      UCS 6200/6300/6400 ^2:   N/A

    Cisco FXOS and NX-OS Software Command Injection Vulnerabilities
    (CVE-2019-1781, CVE-2019-1782)
      FP 4100/9300:            CSCvi96527, CSCvi92130
      MDS 9K/N7K/N7700 ^1:     CSCvi01448, CSCvh20389
      N1000V MS/VM:            N/A
      N3K/N3500/N9K-NXOS:      CSCvi01445, CSCvh20027, CSCvi96524, CSCvi92126
      N3600/N9500R:            CSCvi96522, CSCvi91985
      N5500/N5600/N6K:         CSCvi96525, CSCvi92128
      UCS 6200/6300/6400 ^2:   CSCvi96526 ^2, CSCvi92129 ^2

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1783)
      FP 4100/9300:            N/A
      MDS 9K/N7K/N7700 ^1:     CSCvi42281 ^1
      N1000V MS/VM:            N/A
      N3K/N3500/N9K-NXOS:      N/A
      N3600/N9500R:            N/A
      N5500/N5600/N6K:         CSCvj03966
      UCS 6200/6300/6400 ^2:   N/A

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784)
      FP 4100/9300:            N/A
      MDS 9K/N7K/N7700 ^1:     CSCvi42292 ^1
      N1000V MS/VM:            N/A
      N3K/N3500/N9K-NXOS:      N/A
      N3600/N9500R:            N/A
      N5500/N5600/N6K:         CSCvj12273
      UCS 6200/6300/6400 ^2:   CSCvj12274 ^2

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)
      FP 4100/9300:            N/A
      MDS 9K/N7K/N7700 ^1:     CSCvh20112
      N1000V MS/VM:            N/A
      N3K/N3500/N9K-NXOS:      CSCvh20096
      N3600/N9500R:            CSCvi96504
      N5500/N5600/N6K:         CSCvi96509
      UCS 6200/6300/6400 ^2:   CSCvi96510 ^2

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)
      FP 4100/9300:            N/A
      MDS 9K/N7K/N7700 ^1:     CSCvj63667
      N1000V MS/VM:            N/A
      N3K/N3500/N9K-NXOS:      CSCvj63270, CSCvk50873
      N3600/N9500R:            CSCvk50889
      N5500/N5600/N6K:         CSCvk50876
      UCS 6200/6300/6400 ^2:   N/A

    Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)
      FP 4100/9300:            CSCvh66259
      MDS 9K/N7K/N7700 ^1:     CSCvh20359
      N1000V MS/VM:            CSCvh66257, CSCvk30761
      N3K/N3500/N9K-NXOS:      CSCvh20029, CSCvh66219
      N3600/N9500R:            CSCvh66202
      N5500/N5600/N6K:         CSCvh66214
      UCS 6200/6300/6400 ^2:   CSCvh66243 ^2

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address these vulnerabilities.

Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for the vulnerabilities that are
    described in this advisory.

    MDS 9000 Series Multilayer Switches: CSCvh75895 and CSCvh75909

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    5.2                          6.2(25)
    6.2                          6.2(25)
    7.3                          8.1(1b)
    8.1                          8.1(1b)
    8.2                          8.3(1)
    8.3                          8.3(1)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvh75968 and CSCvh75976

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    Prior to 7.0(3)I4            7.0(3)I4(9)
    7.0(3)I4                     7.0(3)I4(9)
    7.0(3)I7                     7.0(3)I7(4)
    9.2(1)                       Not vulnerable

    Nexus 3500 Platform Switches: CSCvi99197 and CSCvi92258

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    Prior to 6.0(2)A8            6.0(2)A8(11)
    6.0(2)A8                     6.0(2)A8(11)
    7.0(3)I4                     7.0(3)I4(9)
    7.0(3)I7                     7.0(3)I7(4)
    9.2                          Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvi99195 and CSCvi92256

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    7.0(3)                       7.0(3)F3(5)
    9.2                          Not vulnerable

    Nexus 5500, 5600, and 6000 Series Switches: CSCvi99198 and CSCvi92260

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    Prior to 7.3                 7.3(4)N1(1)
    7.3                          7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvh75895 and CSCvh75909

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    Prior to 6.2                 6.2(22)
    6.2                          6.2(22)
    7.2                          7.3(3)D1(1)
    7.3                          7.3(3)D1(1)
    8.0                          8.3(1)
    8.1                          8.3(1)
    8.2                          8.3(1)
    8.3                          8.3(1)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerabilities that are
    described in this advisory.

Source

  o These vulnerabilities were found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1774-1775

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1735

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvj63728 CSCvj63877 CSCvk52969 CSCvk52971 CSCvk52972
                 CSCvk52975 CSCvk52985 CSCvk52988

CVE-2019-1735    

CWE-77

CVSS Score:
4.4  AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to execute arbitrary commands with elevated
    privileges on the underlying operating system of an affected device.

    The vulnerability is due to insufficient validation of arguments passed to
    certain CLI commands. An attacker could exploit this vulnerability by
    including malicious input as the argument of an affected command. A
    successful exploit could allow the attacker to execute arbitrary commands
    on the underlying operating system with elevated privileges. An attacker
    would need valid user credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1735

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       MDS 9000 Series Multilayer Switches
       Nexus 1000 Virtual Edge
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500/     UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300
                               N7700 ^1                                    N6K        UCS 6400 ^2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    MDS 9000 Series Multilayer Switches: CSCvj63728

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 8.3                   8.3(1)
    8.3                            8.3(1)

    Nexus 1000 Virtual Edge: CSCvk52969

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    5.2                            5.2(1)SV5(1.1)

    Nexus 1000V Switch for Microsoft Hyper-V: CSCvk52985

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 5.2                   No fix available
    5.2                            No fix available

    Nexus 1000V Switch for VMware vSphere: CSCvk52969

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 5.2                   5.2(1)SV3(4.1a)
    5.2                            5.2(1)SV3(4.1a)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvj63877

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(6)
    9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvk52971

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.0(2)A8              6.0(2)A8(11)
    6.0(2)A8                       6.0(2)A8(11)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(6)
    9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvk52988

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Nexus 5500 and 5600 Platform Switches and 6000 Series Switches: CSCvk52972

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvj63728

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   6.2(22)
    6.2                            6.2(22)
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.3(1)
    8.1                            8.3(1)
    8.2                            8.3(1)
    8.3                            8.3(1)

    UCS 6200, 6300, and 6400 Series Fabric Interconnects: CSCvk52975

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 4.0                   4.0(2a)
    4.0                            4.0(2a)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1735

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1770)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1770

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

CVE-2019-1770    

CWE-78

CVSS Score:
4.2  AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker with administrator credentials to execute
    arbitrary commands on the underlying Linux operating system with the
    privilege level of root.

    The vulnerability is due to insufficient validation of arguments passed to
    a specific CLI command on the affected device. An attacker could exploit
    this vulnerability by including malicious input as the argument of an
    affected command. A successful exploit could allow the attacker to execute
    arbitrary commands on the underlying Linux operating system with elevated
    privileges. An attacker would need valid administrator credentials to
    exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1770

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500/     UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300
                               N7700 ^1                                    N6K        UCS 6400 ^2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 1000V Switch for Microsoft Hyper-V: CSCvk36294

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 5.2                   5.2(1)SM3(2.1)
    5.2                            5.2(1)SM3(2.1)

    Nexus 1000V Switch for VMware vSphere: CSCvi92240

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 5.2                   5.2(1)SV3(4.1)
    5.2                            5.2(1)SV3(4.1)


    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvh75958

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvi92242

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.0(2)A8              6.0(2)A8(11)
    6.0(2)A8                       6.0(2)A8(11)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvi92239

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Nexus 5500, 5600, and 6000 Series Switches: CSCvi92243

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvh75867

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   6.2(22)
    6.2                            6.2(22)
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.2(3)
    8.1                            8.2(3)
    8.2                            8.2(3)
    8.3                            8.3(1)

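    The tables above are the practical output of these advisories: an
    administrator has to map the release string from "show version" onto the
    row for the platform and decide whether the running code is before or at
    the first fixed release. NX-OS release strings (major.minor(maintenance)
    with an optional train such as I7(4) or D1(1)) do not sort as plain
    strings, so the following Python block is an added example, not Cisco
    code, that parses them and evaluates a release against the CSCvh75958
    (Nexus 3000/9000 standalone) and CSCvh75867 (Nexus 7000/7700) tables for
    CVE-2019-1770 transcribed above. The same routine applies to the other
    "First Fixed Release" tables in this bulletin once they are transcribed
    the same way; the "show version" excerpt is constructed for the example.

```python
import re

# Added example, not Cisco code. Rows transcribe the CVE-2019-1770 tables for
# CSCvh75958 (Nexus 3000/9000 standalone) and CSCvh75867 (Nexus 7000/7700):
# (release as written in the left column, first fixed release, or None where
# the table says "Not vulnerable"). The first row also stands for the table's
# "Prior to ..." line, which carries the same fix in every table above.
CSCVH75958_N3K_N9K = [
    ("7.0(3)I4", "7.0(3)I4(9)"),
    ("7.0(3)I7", "7.0(3)I7(4)"),
    ("9.2(1)", None),
]
CSCVH75867_N7K = [
    ("6.2", "6.2(22)"),
    ("7.2", "7.3(3)D1(1)"),
    ("7.3", "7.3(3)D1(1)"),
    ("8.0", "8.2(3)"),
    ("8.1", "8.2(3)"),
    ("8.2", "8.2(3)"),
    ("8.3", "8.3(1)"),
]

# major.minor[(maint)][TRAINn[(rebuild)]], e.g. 7.0(3)I7(4), 8.2(3), 7.3(3)D1(1)
_RELEASE = re.compile(
    r"^(\d+)\.(\d+)(?:\((\d+)\))?(?:([A-Za-z]+)(\d+)(?:\(([0-9A-Za-z.]+)\))?)?$"
)


def _natural(text):
    """'4.1a' -> ((0, 4), (0, 1), (1, 'a')) so digit and letter parts compare safely."""
    return tuple((0, int(p)) if p.isdigit() else (1, p.lower())
                 for p in re.findall(r"\d+|[A-Za-z]+", text))


def components(release):
    """Parse an NX-OS release into a tuple that orders correctly within one train."""
    m = _RELEASE.match(release.strip())
    if not m:
        raise ValueError(f"unrecognised NX-OS release: {release!r}")
    major, minor, maint, train, tnum, rebuild = m.groups()
    parts = [int(major), int(minor)]
    if maint:
        parts.append(int(maint))
    if train:
        parts += [train.upper(), int(tnum)]
        if rebuild:
            parts.append(_natural(rebuild))
    return tuple(parts)


def assess(running, table):
    """Return (status, first_fixed) for a running release against one table."""
    run = components(running)
    if run < components(table[0][0]):          # the table's "Prior to" row
        return "vulnerable", table[0][1]
    for row, fixed in table:
        prefix = components(row)
        if run[:len(prefix)] == prefix:        # a row matches at its own granularity
            if fixed is None:
                return "not vulnerable", None
            if run >= components(fixed):
                return "fixed", fixed
            return "vulnerable", fixed
    return "not listed", None                  # e.g. 7.0(3)I5: not in this table


def release_from_show_version(text):
    """Pull the release out of 'show version' output: 'NXOS: version ...' on
    newer platforms, 'system: version ...' on older ones."""
    m = re.search(r"^\s*(?:NXOS|system):\s+version\s+(\S+)", text, re.MULTILINE)
    if not m:
        raise ValueError("no NX-OS version line found")
    return m.group(1)


# Constructed excerpt of 'show version' from a Nexus 9000 in standalone mode.
SAMPLE_SHOW_VERSION = """\
Software
  BIOS: version 07.64
  NXOS: version 7.0(3)I7(3)
  BIOS compile time:  05/17/2018
  NXOS image file is: bootflash:///nxos.7.0.3.I7.3.bin
"""

if __name__ == "__main__":
    rel = release_from_show_version(SAMPLE_SHOW_VERSION)
    print(rel, assess(rel, CSCVH75958_N3K_N9K))
```

    A release whose train is absent from the table (for example a
    7.0(3)I5 or 7.0(3)I6 image on a Nexus 9000) is reported as "not listed"
    rather than guessed at: the advisory gives no row for it, and the right
    answer is the Recommended Releases document or TAC, not a comparison
    against the nearest row.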

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1770

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1776

First Published: 2019 May 15 16:00 GMT

Last Updated:    2019 July 18 00:00 GMT

Version 1.1:     Final

Workarounds:     No workarounds available

CVE-2019-1776    

CWE-78

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to execute arbitrary commands on the
    underlying Linux operating system with a privilege level of root.

    The vulnerability is due to insufficient validation of arguments passed to
    a specific CLI command on the affected device. An attacker could exploit
    this vulnerability by including malicious input as the argument of an
    affected command. A successful exploit could allow the attacker to execute
    arbitrary commands on the underlying Linux operating system with elevated
    privileges. An attacker would need valid administrator credentials to
    exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1776

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       MDS 9000 Series Multilayer Switches
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500K/    UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300/
                               N7700 ^1                                    N6K        UCS 6400 ^2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    MDS 9000 Series Multilayer Switches: CSCvh20081

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    6.2                            Not vulnerable
    8.1                            8.2(2)
    8.2                            8.2(2)
    8.3                            8.3(1)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvh20076

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches:  CSCvi96431

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.0(2)A8              6.0(2)A8(11)
    6.0(2)A8                       6.0(2)A8(11)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvi96429

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Nexus 5500, 5600, and 6000 Series Switches: CSCvi96432

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(5)N1(1)
    7.3                            7.3(5)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvh20081

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    6.2                            Not vulnerable
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.2(2)
    8.1                            8.2(2)
    8.2                            8.2(2)
    8.3                            8.3(1)

    UCS 6200 and 6300 Series Fabric Interconnects:  CSCvi96433

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 4.0                   4.0(1a)
    4.0                            4.0(1a)
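    To turn the Fixed Releases tables above into a repeatable exposure check, here
    is an added Python example (not Cisco tooling) that parses NX-OS release
    strings such as 7.0(3)I4(9) and evaluates a running release against the first
    fixed releases listed for CVE-2019-1776. The platform keys are names chosen
    here, and a "Prior to X" row is modelled as any release older than X that does
    not belong to a listed train.

```python
"""Exposure check for CVE-2019-1776 against the advisory's Fixed Releases tables.

Added example, not Cisco's tooling. The tables are transcribed from the
advisory; the NX-OS release grammar (e.g. 7.0(3)I4(9)) is parsed generically.
"""
import re
from typing import Optional, Tuple

NOT_VULNERABLE = "not vulnerable"

# Per platform: rows of (release train, first fixed release) as printed in the
# advisory, plus an optional "prior_to" entry for the "Prior to X" row, which
# maps any release older than X (and not in a listed train) to X's fix.
# Platform keys are names chosen for this example.
FIXED_RELEASES = {
    "mds9000": {
        "rows": [("6.2", NOT_VULNERABLE), ("8.1", "8.2(2)"),
                 ("8.2", "8.2(2)"), ("8.3", "8.3(1)")],
    },
    "n3k_n9k_standalone": {
        "prior_to": ("7.0(3)I4", "7.0(3)I4(9)"),
        "rows": [("7.0(3)I4", "7.0(3)I4(9)"), ("7.0(3)I7", "7.0(3)I7(4)"),
                 ("9.2(1)", NOT_VULNERABLE)],
    },
    "n3500": {
        "prior_to": ("6.0(2)A8", "6.0(2)A8(11)"),
        "rows": [("6.0(2)A8", "6.0(2)A8(11)"), ("7.0(3)I4", "7.0(3)I4(9)"),
                 ("7.0(3)I7", "7.0(3)I7(4)"), ("9.2", NOT_VULNERABLE)],
    },
    "n3600_n9500r": {
        "rows": [("7.0(3)", "7.0(3)F3(5)"), ("9.2", NOT_VULNERABLE)],
    },
    "n5500_n5600_n6000": {
        "prior_to": ("7.3", "7.3(5)N1(1)"),
        "rows": [("7.3", "7.3(5)N1(1)")],
    },
    "n7000_n7700": {
        "rows": [("6.2", NOT_VULNERABLE), ("7.2", "7.3(3)D1(1)"),
                 ("7.3", "7.3(3)D1(1)"), ("8.0", "8.2(2)"), ("8.1", "8.2(2)"),
                 ("8.2", "8.2(2)"), ("8.3", "8.3(1)")],
    },
    "ucs6200_6300": {
        "prior_to": ("4.0", "4.0(1a)"),
        "rows": [("4.0", "4.0(1a)")],
    },
}


def release_key(release: str) -> Tuple[Tuple[int, object], ...]:
    """Split an NX-OS release string into a tuple that sorts in release order.

    '7.0(3)I4(9)' -> ((0,7),(0,0),(0,3),(1,'i'),(0,4),(0,9)). Numeric tokens are
    tagged 0 and alphabetic tokens 1 so a comparison never pits int against str;
    a tuple that extends another sorts later, so 4.0(1a) is newer than 4.0(1).
    """
    parts = re.findall(r"\d+|[A-Za-z]+", release)
    if not parts:
        raise ValueError(f"unparseable release string: {release!r}")
    return tuple((0, int(p)) if p.isdigit() else (1, p.lower()) for p in parts)


def in_train(release: str, train: str) -> bool:
    """True when 'release' belongs to release train 'train' (token-prefix match)."""
    r, t = release_key(release), release_key(train)
    return r[: len(t)] == t


def check_release(platform: str, running: str) -> Tuple[str, Optional[str]]:
    """Classify a running release as 'fixed', 'vulnerable', 'not vulnerable' or
    'unknown', returning the first fixed release where an upgrade applies.

    'unknown' means the advisory table lists no train for that release; that is
    a prompt to read the advisory, not a statement that the device is safe.
    """
    table = FIXED_RELEASES[platform]
    for train, first_fixed in table["rows"]:
        if in_train(running, train):
            if first_fixed == NOT_VULNERABLE:
                return NOT_VULNERABLE, None
            if release_key(running) >= release_key(first_fixed):
                return "fixed", first_fixed
            return "vulnerable", first_fixed
    prior = table.get("prior_to")
    if prior and release_key(running) < release_key(prior[0]):
        return "vulnerable", prior[1]
    return "unknown", None


if __name__ == "__main__":
    # Constructed sample inventory, not real devices.
    inventory = [("n3k_n9k_standalone", "7.0(3)I4(8)"), ("mds9000", "8.2(2)"),
                 ("ucs6200_6300", "4.0(1)"), ("n7000_n7700", "6.2(20)")]
    for platform, running in inventory:
        status, fix = check_release(platform, running)
        print(f"{platform:20} {running:14} {status:15} {fix or ''}")
```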


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1776

Revision History

  o +---------+----------------------------+----------+--------+--------------+
    | Version |        Description         | Section  | Status |     Date     |
    +---------+----------------------------+----------+--------+--------------+
    |         | Updated the Fixed Release  | Fixed    |        |              |
    | 1.1     | section for the MDS and    | Software | Final  | 2019-July-18 |
    |         | Nexus 7000 and 7700.       |          |        |              |
    +---------+----------------------------+----------+--------+--------------+
    | 1.0     | Initial public release.    | -        | Final  | 2019-May-15  |
    +---------+----------------------------+----------+--------+--------------+
- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1778

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvh75996, CSCvj03877

CVE-2019-1778    

CWE-78

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to execute arbitrary commands on the
    underlying Linux operating system with the privilege level of root.

    The vulnerability is due to insufficient validation of arguments passed to
    a specific CLI command on the affected device. An attacker could exploit
    this vulnerability by including malicious input as the argument of an
    affected command. A successful exploit could allow the attacker to execute
    arbitrary commands on the underlying Linux operating system with elevated
    privileges. An attacker would need valid administrator credentials to
    exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1778

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500K/    UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300/
                               N7700 ^1                                    N6K        UCS 6400 ^2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh75996

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvj03877

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1778

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1783)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1783

First Published: 2019 May 15 16:00 GMT

Last Updated:    2019 July 18 00:00 GMT

Version 1.1:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvi42281, CSCvj03966

CVE-2019-1783    

CWE-77

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker with administrator credentials to execute
    arbitrary commands on the underlying Linux operating system with the
    privilege level of root.

    The vulnerability is due to insufficient validation of arguments passed to
    a specific CLI command on the affected device. An attacker could exploit
    this vulnerability by including malicious input as the argument of an
    affected command. A successful exploit could allow the attacker to execute
    arbitrary commands on the underlying Linux operating system with elevated
    privileges. An attacker would need valid administrator credentials to
    exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1783

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500K/    UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300/
                               N7700 ^1                                    N6K        UCS 6400 ^2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 5500, 5600, and 6000 Series Switches: CSCvj03966

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvi42281

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    6.2                            Not vulnerable
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.3(1)
    8.1                            8.3(1)
    8.2                            8.3(1)
    8.3                            8.3(1)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1783

Revision History

  o +---------+----------------------------+----------+--------+--------------+
    | Version |        Description         | Section  | Status |     Date     |
    +---------+----------------------------+----------+--------+--------------+
    | 1.1     | Updated the Fixed Releases | Fixed    | Final  | 2019-July-18 |
    |         | for the Nexus 7000/7700.   | Software |        |              |
    +---------+----------------------------+----------+--------+--------------+
    | 1.0     | Initial public release.    | -        | Final  | 2019-May-15  |
    +---------+----------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmd-inject-1784

First Published: 2019 May 15 16:00 GMT

Last Updated:    2019 July 18 00:00 GMT

Version 1.1:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvi42292 CSCvj12273 CSCvj12274

CVE-2019-1784    

CWE-77

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to execute arbitrary commands on the
    underlying Linux operating system with the privilege level of root.

    The vulnerability is due to insufficient validation of arguments passed to
    a specific CLI command on the affected device. An attacker could exploit
    this vulnerability by including malicious input as the argument of an
    affected command. A successful exploit could allow the attacker to execute
    arbitrary commands on the underlying Linux operating system with elevated
    privileges. An attacker would need valid administrator credentials to
    exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmd-inject-1784
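
    The injection pattern these advisories describe (CWE-77: an argument to a
    privileged CLI command reaching the underlying Linux shell without
    validation), as an added example in Python. This is not Cisco code and does
    not reproduce the affected NX-OS command, which the advisory does not name;
    the `echo` helper, the bootflash-style argument and the injected string are
    all constructed for the illustration. It shows the two defences separately:
    passing the argument as one argv element removes the shell from the path,
    and an allowlist keeps option-style and metacharacter values out entirely.

```python
"""Added example (not Cisco code): the CWE-77 pattern behind these advisories.

A privileged CLI front end (NX-OS runs as root on Linux) takes an argument
from an operator and hands it to an OS helper. If the argument is spliced
into a shell command line, shell metacharacters in it become extra commands
that run with the front end's privileges. The helper command and argument
formats below are hypothetical; the advisory does not disclose the affected
command.
"""
import re
import subprocess

# Constructed sample inputs: one benign argument, one carrying an injection.
BENIGN_ARG = "bootflash:running.cfg"
INJECTED_ARG = "bootflash:running.cfg; echo INJECTED"

# Characters we are willing to pass through to the OS as a single argument.
# Quotes, ';', '|', '&', '$', backticks, whitespace and newlines are outside
# this set and are rejected before any process is spawned.
_ARG_RE = re.compile(r"[A-Za-z0-9_.:/-]+")


def vulnerable_handler(arg: str) -> str:
    """Vulnerable: the argument is concatenated into a shell command line.

    `sh -c` parses the whole string, so ';' in `arg` terminates the intended
    command and starts a second one. Returns the combined stdout.
    """
    cmdline = "echo " + arg  # hypothetical: 'echo' stands in for any OS helper
    result = subprocess.run(cmdline, shell=True, capture_output=True, text=True)
    return result.stdout


def argv_only_handler(arg: str) -> str:
    """Argv passing without validation: no shell is involved, so nothing is
    injected, but the raw string still reaches the helper verbatim."""
    result = subprocess.run(["echo", arg], shell=False, capture_output=True, text=True)
    return result.stdout


def validate_arg(arg: str) -> str:
    """Allowlist check: accept only safe characters and reject option-like
    values (an argument the helper would parse as a flag)."""
    if not _ARG_RE.fullmatch(arg):
        raise ValueError(f"rejected CLI argument: {arg!r}")
    if arg.startswith("-"):
        raise ValueError(f"rejected option-like argument: {arg!r}")
    return arg


def hardened_handler(arg: str) -> str:
    """Hardened: validate, then pass the argument as a single argv element.

    With shell=False there is no shell to interpret metacharacters; the
    allowlist is a second, independent layer.
    """
    safe = validate_arg(arg)
    result = subprocess.run(["echo", safe], shell=False, capture_output=True, text=True)
    return result.stdout


if __name__ == "__main__":
    print(repr(vulnerable_handler(INJECTED_ARG)))  # the second command ran
    print(repr(argv_only_handler(INJECTED_ARG)))   # literal string, nothing ran
    try:
        hardened_handler(INJECTED_ARG)
    except ValueError as exc:
        print("hardened:", exc)
    print(repr(hardened_handler(BENIGN_ARG)))
```

    The fix Cisco shipped is not public, so the hardened handler is only the
    standard remediation for this bug class; the point it makes is that argv
    passing and input validation address different failure modes and a root-
    level CLI wants both.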

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500/     UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300/
                               N7700 ^1                                    N6K        UCS 6400 ^2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 5500, 5600, and 6000 Series Switches: CSCvj12273

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(5)N1(1)
    7.3                            7.3(5)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvi42292

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   Not vulnerable
    6.2                            Not vulnerable
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.2(3)
    8.1                            8.2(3)
    8.2                            8.2(3)
    8.3                            8.3(1)

    UCS 6200 and 6300 Series Fabric Interconnects: CSCvj12274

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 4.0                   4.0(1a)
    4.0                            4.0(1a)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmd-inject-1784

Revision History

  o +---------+----------------------------+----------+--------+--------------+
    | Version |        Description         | Section  | Status |     Date     |
    +---------+----------------------------+----------+--------+--------------+
    |         | Updated the release        | Fixed    |        |              |
    | 1.1     | information for the Nexus  | Software | Final  | 2019-July-18 |
    |         | 7000 and 7700.             |          |        |              |
    +---------+----------------------------+----------+--------+--------------+
    | 1.0     | Initial public release.    | -        | Final  | 2019-May-15  |
    +---------+----------------------------+----------+--------+--------------+


- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1790

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvh20096 CSCvh20112 CSCvi96504 CSCvi96509 CSCvi96510

CVE-2019-1790    

CWE-77

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker with valid administrator credentials to
    execute arbitrary commands on the underlying operating system of an
    affected device.

    The vulnerability is due to insufficient validation of arguments passed to
    certain CLI commands. An attacker could exploit this vulnerability by
    including malicious input as the argument of an affected command. A
    successful exploit could allow the attacker to execute arbitrary commands
    on the underlying operating system with elevated privileges. An attacker
    would need valid administrator credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1790

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       MDS 9000 Series Multilayer Switches
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500/     UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300/
                               N7700 ^1                                    N6K        UCS 6400 ^2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    MDS 9000 Series Multilayer Switches: CSCvh20112

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    5.2                            6.2(25)
    6.2                            6.2(25)
    7.3                            8.1(1b)
    8.1                            8.1(1b)
    8.2                            8.2(3)
    8.3                            8.3(1)

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh20096

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(8)
    7.0(3)I4                       7.0(3)I4(8)
    7.0(3)I7                       7.0(3)I7(3)
    9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvi96504

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Nexus 5500 and 5600 Platform Switches and 6000 Series Switches: CSCvi96509

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvh20112

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   6.2(22)
    6.2                            6.2(22)
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.2(3)
    8.1                            8.2(3)
    8.2                            8.2(3)
    8.3                            8.3(1)

    UCS 6200 and 6300 Series Fabric Interconnects: CSCvi96510

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 4.0                   4.0(1a)
    4.0                            4.0(1a)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1790

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1791

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvj63270 CSCvj63667 CSCvk50873 CSCvk50876 CSCvk50889

CVE-2019-1791    

CWE-77

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker with administrator credentials to execute
    arbitrary commands with elevated privileges on the underlying operating
    system of an affected device.

    The vulnerability is due to insufficient validation of arguments passed to
    certain CLI commands. An attacker could exploit this vulnerability by
    including malicious input as the argument of an affected command. A
    successful exploit could allow the attacker to execute arbitrary commands
    on the underlying operating system with elevated privileges. An attacker
    would need valid administrator credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1791

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       MDS 9000 Series Multilayer Switches
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500K/    UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300
                               N7700 ^1                                    N6K        UCS 6400 ^2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    MDS 9000 Series Multilayer Switches: CSCvj63667

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    5.2                            6.2(25)
    6.2                            6.2(25)
    7.3                            8.2(3)
    8.1                            8.2(3)
    8.2                            8.2(3)
    8.3                            8.3(1)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvj63270

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(6)
    9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvk50873

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.0(2)A8              6.0(2)A8(11)
    6.0(2)A8                       6.0(2)A8(11)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(6)
    9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvk50889

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Nexus 5500 and 5600 Platform Switches and 6000 Series Switches: CSCvk50876

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvj63667

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   6.2(22)
    6.2                            6.2(22)
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.2(3)
    8.1                            8.2(3)
    8.2                            8.2(3)
    8.3                            8.3(1)

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1791

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Line Card Command Injection Vulnerability (CVE-2019-1769)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-linecardinj-1769

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvh20032 CSCvj00299

CVE-2019-1769    

CWE-78

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker with administrator credentials to execute
    arbitrary commands on the underlying Linux operating system of an attached
    line card with the privilege level of root.

    The vulnerability is due to insufficient validation of arguments passed to
    a specific CLI command on the affected device. An attacker could exploit
    this vulnerability by including malicious input as the argument of an
    affected command. A successful exploit could allow the attacker to execute
    arbitrary commands on the underlying Linux operating system of an attached
    line card with elevated privileges. An attacker would need valid
    administrator credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-linecardinj-1769
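The root cause named in the CVE-2019-1791 and CVE-2019-1769 summaries above, insufficient validation of a CLI argument that is passed on to the underlying operating system, is the general CWE-77 pattern, and the defensive fix is the same in both cases: constrain the argument to an allowlist and keep a shell out of the path. The following Python is an added illustration, not Cisco code and not the affected NX-OS command. It models a hypothetical "ping <host>" wrapper in a management CLI, shows how a POSIX shell would tokenise an unvalidated argument, and the validated argv form beside it. The function names, the hostname regex and the sample argument are constructed for this example.

```python
import ipaddress
import re
import shlex
import subprocess
from typing import List

# Hypothetical "ping <host>" wrapper in a management CLI (assumption for
# illustration, not NX-OS code). The same argument is handled two ways below.

# RFC 1123 hostname: labels of letters, digits and hyphens, 253 chars max.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def build_shell_command_unsafe(host: str) -> str:
    """Weak pattern (CWE-77): the argument is pasted into a command string
    that would be handed to a shell. Nothing constrains what it contains."""
    return f"ping -c 1 {host}"


def shell_tokens(cmdline: str) -> List[str]:
    """Tokenise the way a POSIX shell would, keeping operators such as ';'
    as separate tokens, so it is visible where the intended command ends
    and any appended command begins."""
    return list(shlex.shlex(cmdline, posix=True, punctuation_chars=True))


def validate_host(host: str) -> str:
    """Allowlist check: accept an IPv4/IPv6 literal or an RFC 1123 hostname
    and reject everything else, so shell metacharacters never get through."""
    try:
        return str(ipaddress.ip_address(host))
    except ValueError:
        pass
    if HOSTNAME_RE.match(host):
        return host
    raise ValueError(f"invalid host argument: {host!r}")


def build_argv_safe(host: str) -> List[str]:
    """Hardened pattern: the validated argument occupies its own argv slot.
    With no shell involved, metacharacters carry no meaning even if the
    allowlist were ever loosened."""
    return ["ping", "-c", "1", validate_host(host)]


def run_ping(host: str) -> int:
    """Execute the hardened form (argv list, shell=False). Not exercised by
    the assertions, since a sandbox may not ship ping."""
    return subprocess.run(build_argv_safe(host), shell=False, check=False).returncode


if __name__ == "__main__":
    tainted = "10.0.0.1; id"  # constructed sample argument
    print(shell_tokens(build_shell_command_unsafe(tainted)))
    try:
        build_argv_safe(tainted)
    except ValueError as exc:
        print("rejected:", exc)
```

The tokeniser output makes the review point concrete: the weak form turns one argument into two commands, while the hardened form rejects the same input before anything is executed and would pass a legitimate host through unchanged.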

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500K/    UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300
                               N7700 ^1                                    N6K        UCS 6400 ^2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh20032

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I7              7.0(3)I7(6)
    7.0(3)I7                       7.0(3)I7(6)
    9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvj00299

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable
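Applying the Fixed Releases tables (this pair and the ones printed above for CVE-2019-1791) to a device inventory means comparing NX-OS release strings such as 7.0(3)I4(9) against a train in the left column and a first-fixed release in the right one. The following Python is an added example, not a Cisco tool: it encodes the two CVE-2019-1769 tables exactly as printed and assumes the ordering rule that numeric fields compare numerically, letter fields alphabetically, and a release listed as "Prior to X" sorts before any release that begins with X. The platform keys, the Row type and the check function are constructed names.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

Token = Tuple[int, object]  # (kind, value): kind 0 = number, 1 = letters


def parse_release(release: str) -> Tuple[Token, ...]:
    """Split an NX-OS release string such as 7.0(3)I7(6) into comparable
    tokens: 7, 0, 3, 'I', 7, 6. Numbers compare numerically, letters
    alphabetically, and a shorter prefix sorts before a longer one, so
    8.1(1) < 8.1(1b) and 7.0(3)I4(9) < 7.0(3)I7 (assumed ordering rule)."""
    parts = re.findall(r"\d+|[A-Za-z]+", release)
    return tuple((0, int(p)) if p.isdigit() else (1, p.upper()) for p in parts)


@dataclass(frozen=True)
class Row:
    train: str            # release family from the left column
    prior: bool           # True when the left column says "Prior to <train>"
    fixed: Optional[str]  # first fixed release, or None for "Not vulnerable"


# Fixed Releases tables for CVE-2019-1769 as printed in the advisory above.
TABLES: Dict[str, Tuple[str, List[Row]]] = {
    "N3K/N3500/N9K-NXOS": ("CSCvh20032", [
        Row("7.0(3)I7", True, "7.0(3)I7(6)"),
        Row("7.0(3)I7", False, "7.0(3)I7(6)"),
        Row("9.2(1)", False, None),
    ]),
    "N3600/N9500R": ("CSCvj00299", [
        Row("7.0(3)", False, "7.0(3)F3(5)"),
        Row("9.2", False, None),
    ]),
}


def find_row(rows: List[Row], running: str) -> Optional[Row]:
    """Pick the table row that governs `running`: an exact-train row whose
    train is a prefix of the release wins; otherwise a "Prior to" row whose
    train sorts after the release."""
    run = parse_release(running)
    for row in rows:
        train = parse_release(row.train)
        if not row.prior and run[:len(train)] == train:
            return row
    for row in rows:
        if row.prior and run < parse_release(row.train):
            return row
    return None


def check(platform: str, running: str) -> Tuple[str, Optional[str]]:
    """Return (status, first_fixed) for a device on `running`: 'not vulnerable',
    'fixed', 'vulnerable', or 'not listed' when no row applies (consult the
    advisory directly in that case)."""
    _bug_id, rows = TABLES[platform]
    row = find_row(rows, running)
    if row is None:
        return ("not listed", None)
    if row.fixed is None:
        return ("not vulnerable", None)
    if parse_release(running) < parse_release(row.fixed):
        return ("vulnerable", row.fixed)
    return ("fixed", row.fixed)


if __name__ == "__main__":
    # Constructed sample inventory: (platform key, running release)
    inventory = [("N3K/N3500/N9K-NXOS", "7.0(3)I4(9)"),
                 ("N3K/N3500/N9K-NXOS", "9.2(1)"),
                 ("N3600/N9500R", "7.0(3)F3(4)")]
    for platform, rel in inventory:
        print(platform, rel, check(platform, rel))
```

The "not listed" outcome is deliberate: a release the table does not cover (for instance a later 9.2 maintenance release on the first platform) should be resolved against the advisory or the Cisco Software Checker rather than silently treated as fixed.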


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-linecardinj-1769

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software NX-API Sandbox Cross-Site Scripting Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-nxapi-xss

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvj14814

CVE-2019-1733    

CWE-79

CVSS Score:
5.4  AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:X/RL:X/RC:X

Summary

  o A vulnerability in the NX API (NX-API) Sandbox interface for Cisco NX-OS
    Software could allow an authenticated, remote attacker to conduct a
    cross-site scripting (XSS) attack against a user of the NX-API Sandbox
    interface of an affected device.

    The vulnerability is due to insufficient validation of user-supplied input
    by the NX-API Sandbox interface. An attacker could exploit this
    vulnerability by persuading a user of the NX-API Sandbox interface to click
    a crafted link. A successful exploit could allow the attacker to execute
    arbitrary script code in the context of the affected NX-API Sandbox
    interface.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-nxapi-xss

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       Nexus 9500 R-Series Switching Platform
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvj14814

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I2              Not vulnerable
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

Action Links for This Advisory

  o Understanding Cross-Site Scripting (XSS) Threat Vectors

Related to This Advisory

  o Cross-Site Scripting

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-nxapi-xss

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Patch Signature Verification Bypass Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-psvb

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvi42264, CSCvj12239

CVE-2019-1809    

CWE-347

CVSS Score:
6.4  AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the Image Signature Verification feature of Cisco NX-OS
    Software could allow an authenticated, local attacker with
    administrator-level credentials to install a malicious software patch on an
    affected device.

    The vulnerability is due to improper verification of digital signatures for
    patch images. An attacker could exploit this vulnerability by crafting an
    unsigned software patch to bypass signature checks and loading it on an
    affected device. A successful exploit could allow the attacker to boot a
    malicious software patch image.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-psvb

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       MDS 9700 Series Multilayer Directors [1]
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects

        [1] For the MDS products, only the MDS 9700 Series Multilayer Directors
        are affected by this vulnerability. All other MDS 9000 Series
        Multilayer Switches are not vulnerable.

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches (except MDS 9700) [1]
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
       UCS 6400 Series Fabric Interconnects

        [1] For the MDS products, only the MDS 9700 Series Multilayer Directors
        are affected by this vulnerability. All other MDS 9000 Series
        Multilayer Switches are not vulnerable.

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    MDS 9700 Series Multilayer Directors: CSCvi42264

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    5.2                            Not vulnerable
    6.2                            Not vulnerable
    7.3                            8.1(1a)
    8.1                            8.1(1a)
    8.2                            8.3(1)
    8.3                            Not vulnerable


    Nexus 7000 and 7700 Series Switches: CSCvi42264

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   Not vulnerable
    6.2                            Not vulnerable
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.2(3)
    8.1                            8.2(3)
    8.2                            8.2(3)
    8.3                            Not vulnerable


    UCS 6200 and 6300 Fabric Interconnects: CSCvj12239

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 3.1                   Not vulnerable
    3.1                            3.2(3k)
    3.2                            3.2(3k)
    4.0                            Not vulnerable

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-psvb

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Python Parser Privilege Escalation Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-pyth-escal

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvh24788, CSCvi99282, CSCvi99284, CSCvi99288

CVE-2019-1727    

CWE-264

CVSS Score:
4.2  AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X

Summary

  o A vulnerability in the Python scripting subsystem of Cisco NX-OS Software
    could allow an authenticated, local attacker to escape the Python parser
    and issue arbitrary commands to elevate the attacker's privilege level.

    The vulnerability is due to insufficient sanitization of user-supplied
    parameters that are passed to certain Python functions in the scripting
    sandbox of the affected device. An attacker could exploit this
    vulnerability to escape the scripting sandbox and execute arbitrary
    commands to elevate the attacker's privilege level.

    To exploit this vulnerability, the attacker must have local access and be
    authenticated to the targeted device with administrative or Python
    execution privileges. These requirements could limit the possibility of a
    successful exploit.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-pyth-escal

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       MDS 9000 Series Multilayer Switches
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address this vulnerability. However, an
    administrator can reduce exposure to this vulnerability by ensuring that
    only highly trusted users are allowed to access the Python sandbox.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    MDS 9000 Series Multilayer Switches: CSCvi99284

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    5.2                            8.1(1b)
    6.2                            8.1(1b)
    7.3                            8.1(1b)
    8.1                            8.1(1b)
    8.2                            8.3(1)
    8.3                            8.3(1)

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh24788

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(8)
    7.0(3)I4                       7.0(3)I4(8)
    7.0(3)I5                       7.0(3)I7(3)
    7.0(3)I6                       7.0(3)I7(3)
    7.0(3)I7                       7.0(3)I7(3)
    9.2(1)                         Not vulnerable


    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvi99282


    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable


    Nexus 5500, 5600, and 6000 Series Switches: CSCvi99288


    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvi99284

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   Not vulnerable
    6.2                            7.3(3)D1(1)
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.3(1)
    8.1                            8.3(1)
    8.2                            8.3(1)
    8.3                            8.3(1)
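
    The fixed-release tables above (and those in the other advisories in this
    bulletin) are meant to be read per platform: find the row for the train
    the device runs, then compare the running release with the first fixed
    release. Doing that by eye across a fleet is error-prone because NX-OS
    release strings mix numbers, parentheses and train letters
    (7.0(3)I4(8), 8.1(1b), 7.3(3)D1(1)). The following script is an added
    example for this bulletin, not Cisco code or tooling. It tokenises
    release strings into comparable numeric and alphabetic runs, matches a
    release against a table transcribed from this bulletin (the CSCvh24788
    table for Nexus 3000/3500/9000 standalone and the CSCvi42264 table for
    Nexus 7000/7700), and reports vulnerable, fixed, not vulnerable, or
    unknown when no row covers the release. The hostnames and running
    releases in the inventory are constructed, and the comparison is only
    meaningful within a single platform's table.

```python
"""Triage a running NX-OS release against an advisory fixed-release table.

Added example for this bulletin; not Cisco's code. Release strings are
parsed as printed in the advisory ('7.0(3)I7(4)', '8.1(1a)', '7.3(3)D1(1)').
Assumption: a release is only ever compared within one platform's table.
"""
import re
from typing import Dict, List, Optional, Tuple

# A token is (0, number) or (1, LETTERS). The leading rank prevents int/str
# comparison errors and sorts a train letter after a bare number.
Token = Tuple[int, object]
# (release train as printed in the table, first fixed release; None = not vulnerable)
FixRow = Tuple[str, Optional[str]]


def parse_release(release: str) -> Tuple[Token, ...]:
    """Split '7.0(3)I7(4)' into ((0,7),(0,0),(0,3),(1,'I'),(0,7),(0,4))."""
    tokens: List[Token] = []
    for num, alpha in re.findall(r"(\d+)|([A-Za-z]+)", release):
        tokens.append((0, int(num)) if num else (1, alpha.upper()))
    if not tokens:
        raise ValueError(f"unrecognised NX-OS release: {release!r}")
    return tuple(tokens)


def _row_matches(rel: Tuple[Token, ...], train: str) -> bool:
    """'Prior to X' rows match anything sorting before X; other rows match on
    token prefix, so '7.0(3)I7' matches 7.0(3)I7(4) but not 7.0(3)I70(1)."""
    prior = re.match(r"prior to\s+(.+)", train, re.IGNORECASE)
    if prior:
        return rel < parse_release(prior.group(1))
    t = parse_release(train)
    return rel[: len(t)] == t


def triage(release: str, table: List[FixRow]) -> Tuple[str, Optional[str]]:
    """Return (status, first_fixed). status is 'vulnerable', 'fixed',
    'not vulnerable', or 'unknown' when no table row covers the release."""
    rel = parse_release(release)
    for train, first_fixed in table:
        if not _row_matches(rel, train):
            continue
        if first_fixed is None:
            return ("not vulnerable", None)
        status = "fixed" if rel >= parse_release(first_fixed) else "vulnerable"
        return (status, first_fixed)
    return ("unknown", None)


# Transcribed from this bulletin: CVE-2019-1727 (CSCvh24788) for Nexus 3000,
# 3500 and 9000 standalone; CVE-2019-1809 (CSCvi42264) for Nexus 7000/7700.
PYTH_ESCAL_N3K_N9K: List[FixRow] = [
    ("Prior to 7.0(3)I4", "7.0(3)I4(8)"),
    ("7.0(3)I4", "7.0(3)I4(8)"),
    ("7.0(3)I5", "7.0(3)I7(3)"),
    ("7.0(3)I6", "7.0(3)I7(3)"),
    ("7.0(3)I7", "7.0(3)I7(3)"),
    ("9.2(1)", None),
]
PSVB_N7K: List[FixRow] = [
    ("Prior to 6.2", None),
    ("6.2", None),
    ("7.2", "7.3(3)D1(1)"),
    ("7.3", "7.3(3)D1(1)"),
    ("8.0", "8.2(3)"),
    ("8.1", "8.2(3)"),
    ("8.2", "8.2(3)"),
    ("8.3", None),
]


def triage_fleet(inventory: List[Tuple[str, str, List[FixRow]]]) -> Dict[str, Tuple[str, Optional[str]]]:
    """inventory rows are (hostname, running release, table for that platform)."""
    return {host: triage(rel, table) for host, rel, table in inventory}


if __name__ == "__main__":
    # Constructed inventory for illustration; not real devices.
    fleet = [
        ("n9k-leaf-01", "7.0(3)I4(6)", PYTH_ESCAL_N3K_N9K),
        ("n9k-leaf-02", "7.0(3)I7(3)", PYTH_ESCAL_N3K_N9K),
        ("n7k-core-01", "7.3(2)D1(3)", PSVB_N7K),
        ("n7k-core-02", "6.2(20)", PSVB_N7K),
    ]
    for host, (status, fixed) in triage_fleet(fleet).items():
        print(f"{host:12} {status:15} first fixed: {fixed or '-'}")
```

    An "unknown" verdict is deliberate: a release such as 9.2(2) is not
    covered by the 9.2(1) row as printed, and the script does not guess on
    the administrator's behalf; check the advisory or the Cisco Software
    Checker for that train. Token-wise prefix matching also avoids the
    classic string-prefix mistake where "7.0(3)I7" would match 7.0(3)I70(1).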


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-pyth-escal

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Remote Package Manager Command Injection Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-rpm-injec

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvi01453, CSCvj00550

CVE-2019-1732    

CWE-78

CVSS Score:
6.4  AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco
    NX-OS Software could allow an authenticated, local attacker with
    administrator credentials to leverage a time-of-check to time-of-use (TOCTOU)
    race condition to corrupt local variables, which could lead to arbitrary
    command injection.

    The vulnerability is due to the lack of a proper locking mechanism on
    critical variables that need to stay static until used. An attacker could
    exploit this vulnerability by authenticating to an affected device and
    issuing a set of RPM-related CLI commands. A successful exploit could allow
    the attacker to perform arbitrary command injection. The attacker would
    need administrator credentials for the targeted device.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-rpm-injec

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvi01453

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvj00550

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-rpm-injec

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software SSH Key Information Disclosure Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-ssh-info

First Published: 2019 May 15 16:00 GMT

Last Updated:    2019 May 16 15:49 GMT

Version 1.1:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvh76123 CSCvj01385 CSCvj01386 CSCvj01393

CVE-2019-1731    

CWE-200

CVSS Score:
5.1  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N/E:X/RL:X/RC:X

Summary

  o A vulnerability in the SSH CLI key management functionality of Cisco NX-OS
    Software could allow an authenticated, local attacker to expose a user's
    private SSH key to all authenticated users on the targeted device. The
    attacker must authenticate with valid administrator device credentials.

    The vulnerability is due to incomplete error handling if a specific error
    type occurs during the SSH key export. An attacker could exploit this
    vulnerability by authenticating to the device and entering a crafted
    command at the CLI. A successful exploit could allow the attacker to expose
    a user's private SSH key. In addition, a similar type of error in the SSH
    key import could cause the passphrase-protected private SSH key to be
    imported unintentionally.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-ssh-info

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvh76123

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvj01385

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.0(2)A8              6.0(2)A8(10)
    6.0(2)A8                       6.0(2)A8(10)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvj01393

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Nexus 5500, 5600, and 6000 Series Switches: CSCvj01386

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)
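
    The release check these tables imply, as an added example that is not
    Cisco's or AusCERT's code: it encodes the Fixed Releases rows of this
    advisory (CVE-2019-1731) and of the cisco-sa-20190515-nxos-rpm-injec
    tables earlier in this bulletin (CSCvi01453, CSCvj00550), keyed by bug
    ID, and reports whether a running NX-OS release is covered. The
    token-by-token ordering of NX-OS release strings and the status names
    are assumptions of the example.

```python
import re
from typing import Optional, Tuple

# Added example, not Cisco or AusCERT code. Table rows are copied from the
# Fixed Releases sections of this bulletin; bug ID -> (fix for "Prior to" the
# first listed train, or None when the table has no such row, [(train, first
# fixed release, or None when the row reads "Not vulnerable"), ...]).
FIXED_RELEASES = {
    # cisco-sa-20190515-nxos-ssh-info (CVE-2019-1731)
    "CSCvh76123": ("7.0(3)I4(9)", [("7.0(3)I4", "7.0(3)I4(9)"),     # Nexus 3000/9000
                                   ("7.0(3)I7", "7.0(3)I7(4)"), ("9.2(1)", None)]),
    "CSCvj01385": ("6.0(2)A8(10)", [("6.0(2)A8", "6.0(2)A8(10)"),   # Nexus 3500
                                    ("7.0(3)I4", "7.0(3)I4(9)"),
                                    ("7.0(3)I7", "7.0(3)I7(4)"), ("9.2", None)]),
    "CSCvj01393": (None, [("7.0(3)", "7.0(3)F3(5)"), ("9.2", None)]),  # 3600/9500R
    "CSCvj01386": ("7.3(4)N1(1)", [("7.3", "7.3(4)N1(1)")]),      # 5500/5600/6000
    # cisco-sa-20190515-nxos-rpm-injec
    "CSCvi01453": ("7.0(3)I4(9)", [("7.0(3)I4", "7.0(3)I4(9)"),     # Nexus 3000/3500/9000
                                   ("7.0(3)I7", "7.0(3)I7(4)"), ("9.2(1)", None)]),
    "CSCvj00550": (None, [("7.0(3)", "7.0(3)F3(5)"), ("9.2", None)]),  # 3600/9500R
}

def release_key(release: str) -> Tuple:
    """Turn '7.0(3)I4(9)' into comparable tokens ((0,7),(0,0),(0,3),(1,'I'),(0,4),(0,9)).
    Digit runs compare as integers, letter runs as text; the tag keeps the two
    kinds from colliding. Assumes NX-OS releases order this way within a train."""
    tokens = re.findall(r"\d+|[A-Za-z]+", release)
    return tuple((0, int(t)) if t.isdigit() else (1, t.upper()) for t in tokens)

def assess(bug_id: str, running: str) -> Tuple[str, Optional[str]]:
    """Return (status, first fixed release). status is 'not_vulnerable', 'fixed',
    'vulnerable' or 'unlisted' (the release is in no row; ask Cisco TAC)."""
    prior_fix, rows = FIXED_RELEASES[bug_id]
    key = release_key(running)
    for train, fixed in rows:
        train_key = release_key(train)
        if fixed is None:                        # "Not vulnerable": this train and later
            if key >= train_key:
                return ("not_vulnerable", None)
            continue
        if key[:len(train_key)] == train_key:    # running release belongs to this train
            return ("fixed" if key >= release_key(fixed) else "vulnerable", fixed)
    if prior_fix is not None and key < release_key(rows[0][0]):
        return ("vulnerable", prior_fix)         # the "Prior to ..." row
    return ("unlisted", None)

if __name__ == "__main__":
    for bug, rel in [("CSCvh76123", "7.0(3)I4(8)"), ("CSCvj01386", "7.3(5)N1(1)")]:
        print(bug, rel, assess(bug, rel))
```

    A release that falls outside every listed train (for example an I5 or
    I6 train on the Nexus 3000 table) is reported as unlisted rather than
    guessed at.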


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-ssh-info

Revision History

  o +---------+-----------------------------+----------+--------+-------------+
    | Version |         Description         | Section  | Status |    Date     |
    +---------+-----------------------------+----------+--------+-------------+
    |         | Fixed an error in the Fixed |          |        |             |
    | 1.1     | Release table for the Nexus | Fixed    | Final  | 2019-May-16 |
    |         | 3000 Series Switches and    | Software |        |             |
    |         | Nexus 9000 Series Switches. |          |        |             |
    +---------+-----------------------------+----------+--------+-------------+
    | 1.0     | Initial public release.     | -        | Final  | 2019-May-15 |
    +---------+-----------------------------+----------+--------+-------------+

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----