-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.1756.4
                    Cisco NX-OS Software Vulnerabilities
                                 18 July 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco NX-OS Software
Publisher:         Cisco Systems
Operating System:  Cisco
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Increased Privileges            -- Existing Account
                   Access Privileged Data          -- Existing Account
                   Overwrite Arbitrary Files       -- Existing Account
                   Cross-site Scripting            -- Existing Account
                   Unauthorised Access             -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-1813 CVE-2019-1812 CVE-2019-1811 CVE-2019-1809
                   CVE-2019-1795 CVE-2019-1791 CVE-2019-1790 CVE-2019-1784
                   CVE-2019-1783 CVE-2019-1782 CVE-2019-1781 CVE-2019-1780
                   CVE-2019-1779 CVE-2019-1778 CVE-2019-1776 CVE-2019-1775
                   CVE-2019-1774 CVE-2019-1770 CVE-2019-1769 CVE-2019-1768
                   CVE-2019-1767 CVE-2019-1735 CVE-2019-1733 CVE-2019-1732
                   CVE-2019-1731 CVE-2019-1730 CVE-2019-1729 CVE-2019-1727
                   CVE-2019-1726

Original Bulletin:
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-file-write
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cli-bypass
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1770
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1778
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1783
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmd-inject-1784
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1791
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-linecardinj-1769
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-nxapi-xss
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-psvb
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-pyth-escal
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-rpm-injec
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info

Revision History:  July 18 2019: Updated cisco-sa-20190515-nxos-cmdinj-1776,
                                 cisco-sa-20190515-nxos-cmdinj-1783 and
                                 cisco-sa-20190515-nxos-cmd-inject-1784 to v1.1
                   May  21 2019: Updated cisco-sa-20190515-nxos-bash-bypass to v1.1
                   May  17 2019: Updated cisco-sa-20190515-nxos-ssh-info to v1.1
                   May  16 2019: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-sisv2
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
CVE-2019-1811 CVE-2019-1812
CVE-2019-1813
CWE-347
CVSS Score:      6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o Multiple vulnerabilities in the Image Signature Verification feature of
    Cisco NX-OS Software could allow an authenticated, local attacker with
    administrator-level credentials to install a malicious software image on
    an affected device.

    The vulnerabilities exist because software digital signatures are not
    properly verified during CLI command execution. An attacker could exploit
    these vulnerabilities to install an unsigned software image on an affected
    device.

    Note: If the device has not been patched for the vulnerability previously
    disclosed in the Cisco Security Advisory cisco-sa-20190306-nxos-sig-verif,
    a successful exploit could allow the attacker to boot a malicious software
    image.

    Cisco has released software updates that address these vulnerabilities.
    There are no workarounds that address these vulnerabilities.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2

Affected Products

  o Vulnerable Products

    These vulnerabilities affect the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    Note: For the Nexus 3000 Series Switches, only a subset of products
    supports image signature verification. The following Nexus 3000 Series
    product IDs (PIDs) are affected by these vulnerabilities:

       N3K-C31108PC-V
       N3K-C31108TC-V
       N3K-C31128PQ-10GE
       N3K-C3132C-Z
       N3K-C3164Q-40GE
       N3K-C3232C
       N3K-C3264C-E
       N3K-C3264Q
       N3K-C34180YC
       N3K-C3432D-I
       N3K-C3464C

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Determining the Cisco NX-OS Product ID

    To check the PID, administrators can use the show inventory command in
    the device CLI.
    The following example shows the output of the command for a device that
    has the PID N3K-C3232C:

    switch# show inventory
    NAME: "Chassis", DESCR: "Nexus3000 C3232C Chassis"
    PID: N3K-C3232C , VID: V02 , SN: FOC20291JA0

    NAME: "Slot 1", DESCR: "32x40/100G QSFP28 2x10G SFP+ Ethernet Module"
    PID: N3K-C3232C , VID: V02 , SN: FOC20291JA0

    NAME: "Power Supply 1", DESCR: "Nexus3000 C3232C Chassis Power Supply"
    PID: NXA-PAC-650W-PI , VID: V01 , SN: LIT20362Z6G

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by these vulnerabilities.

    Cisco has confirmed that these vulnerabilities do not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 3500 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric
         Infrastructure (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address these vulnerabilities.

Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner.
    In most cases this will be a maintenance upgrade to software that was
    previously purchased. Free security software updates do not entitle
    customers to a new software license, additional software feature sets, or
    major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    Customers are advised to upgrade to an appropriate release as indicated in
    the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for these vulnerabilities.

    Note: A complete fix for these vulnerabilities requires that a proper BIOS
    version is installed.
    Customers who are running an affected product that is listed in the
    previously disclosed Cisco advisory cisco-sa-20190306-nxos-sig-verif may
    not have upgraded the BIOS when the software was installed even if they
    are running a fixed software release. Customers are advised to confirm
    that the BIOS is running a fixed BIOS version (first fixed or later) as
    described in the previously disclosed advisory.

    Nexus 3000 Series Switches: CSCvj14182, CSCvj14106, CSCvj14093

       Cisco NX-OS Software Release   First Fixed Release for These Vulnerabilities
       Prior to 6.0(2)                Not vulnerable
       6.0(2)                         Not vulnerable
       Prior to 7.0(3)I4              7.0(3)I7(5)
       7.0(3)I4                       7.0(3)I7(5)
       7.0(3)I5                       7.0(3)I7(5)
       7.0(3)I6                       7.0(3)I7(5)
       7.0(3)I7                       7.0(3)I7(5)
       9.2                            9.2(2)

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvk53256, CSCvk53227, CSCvk53125

       Cisco NX-OS Software Release   First Fixed Release for These Vulnerabilities
       7.0(3)F3                       7.0(3)F3(5)
       9.2                            9.2(2)

    Nexus 9000 Series Switches in Standalone NX-OS Mode: CSCvj14182,
    CSCvj14106, CSCvj14093

       Cisco NX-OS Software Release   First Fixed Release for These Vulnerabilities
       Prior to 7.0(3)I4              7.0(3)I7(5)
       7.0(3)I4                       7.0(3)I7(5)
       7.0(3)I5                       7.0(3)I7(5)
       7.0(3)I6                       7.0(3)I7(5)
       7.0(3)I7                       7.0(3)I7(5)
       9.2                            9.2(2)

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

       Cisco MDS Series Switches
       Cisco Nexus 1000V for VMware Switch
       Cisco Nexus 3000 Series and 3500 Series Switches
       Cisco Nexus 5000 Series Switches
       Cisco Nexus 5500 Platform Switches
       Cisco Nexus 6000 Series Switches
       Cisco Nexus 7000 Series Switches
       Cisco Nexus 9000 Series Switches
       Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.
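The PID check and the first-fixed table above can be applied mechanically to inventory data. The following is an added example, not part of the AusCERT bulletin or Cisco's advisory: it reads the chassis PID out of the `show inventory` output quoted above, and classifies a running release string (assumed to be copied from `show version`) against the Nexus 3000 / Nexus 9000 standalone table of cisco-sa-20190515-nxos-sisv2. It does not cover the separate BIOS requirement the advisory notes.

```python
import re

# Affected Nexus 3000 PIDs as listed in cisco-sa-20190515-nxos-sisv2.
AFFECTED_N3K_PIDS = {
    "N3K-C31108PC-V", "N3K-C31108TC-V", "N3K-C31128PQ-10GE", "N3K-C3132C-Z",
    "N3K-C3164Q-40GE", "N3K-C3232C", "N3K-C3264C-E", "N3K-C3264Q",
    "N3K-C34180YC", "N3K-C3432D-I", "N3K-C3464C",
}

# First-fixed table for Nexus 3000 Series and Nexus 9000 standalone NX-OS mode
# (sisv2 advisory). Rows are (release row, first fixed release); None means
# "Not vulnerable". Rows are tried in the advisory's order; a "Prior to X" row
# matches any release that sorts strictly below X.
FIXED_TABLE_N3K_N9K = [
    ("Prior to 6.0(2)", None),
    ("6.0(2)", None),
    ("Prior to 7.0(3)I4", "7.0(3)I7(5)"),
    ("7.0(3)I4", "7.0(3)I7(5)"),
    ("7.0(3)I5", "7.0(3)I7(5)"),
    ("7.0(3)I6", "7.0(3)I7(5)"),
    ("7.0(3)I7", "7.0(3)I7(5)"),
    ("9.2", "9.2(2)"),
]

# Sample `show inventory` output, taken from the advisory text above.
SHOW_INVENTORY = """\
NAME: "Chassis", DESCR: "Nexus3000 C3232C Chassis"
PID: N3K-C3232C , VID: V02 , SN: FOC20291JA0

NAME: "Slot 1", DESCR: "32x40/100G QSFP28 2x10G SFP+ Ethernet Module"
PID: N3K-C3232C , VID: V02 , SN: FOC20291JA0

NAME: "Power Supply 1", DESCR: "Nexus3000 C3232C Chassis Power Supply"
PID: NXA-PAC-650W-PI , VID: V01 , SN: LIT20362Z6G
"""


def version_key(release):
    """Turn an NX-OS release string into a comparable tuple.

    '7.0(3)I7(5)' -> ((0, 7), (0, 0), (0, 3), (1, 'I'), (0, 7), (0, 5)).
    Numeric tokens are tagged 0 and train letters 1 so a tuple never compares
    an int against a str; a longer tuple with an equal prefix sorts higher,
    which is what "X(8) is newer than X" needs.
    """
    tokens = re.findall(r"\d+|[A-Za-z]+", release)
    return tuple((0, int(t)) if t.isdigit() else (1, t) for t in tokens)


def chassis_pid(show_inventory_output):
    """Return the PID from the 'Chassis' entry of `show inventory`, or None."""
    lines = show_inventory_output.splitlines()
    for i, line in enumerate(lines):
        if line.startswith('NAME: "Chassis"') and i + 1 < len(lines):
            match = re.match(r"PID:\s*(\S+)", lines[i + 1])
            return match.group(1) if match else None
    return None


def first_fixed_release(running, table):
    """Classify `running` against a first-fixed table.

    Returns (status, first_fixed) with status one of 'not_vulnerable',
    'vulnerable', 'fixed' or 'unknown' (release not covered by the table).
    """
    key = version_key(running)
    for row, fixed in table:
        if row.startswith("Prior to "):
            matched = key < version_key(row[len("Prior to "):])
        else:
            prefix = version_key(row)
            matched = key[:len(prefix)] == prefix
        if not matched:
            continue
        if fixed is None:
            return "not_vulnerable", None
        status = "fixed" if key >= version_key(fixed) else "vulnerable"
        return status, fixed
    return "unknown", None


def assess(show_inventory_output, running):
    """Combine the PID check and the release check for one device.

    Only the listed Nexus 3000 PIDs support image signature verification, so
    a device with another PID is reported as not affected regardless of its
    release. The BIOS requirement in the advisory is not checked here.
    """
    pid = chassis_pid(show_inventory_output)
    if pid not in AFFECTED_N3K_PIDS:
        return {"pid": pid, "status": "pid_not_affected", "first_fixed": None}
    status, fixed = first_fixed_release(running, FIXED_TABLE_N3K_N9K)
    return {"pid": pid, "status": status, "first_fixed": fixed}


if __name__ == "__main__":
    # Constructed running release for the sample device.
    print(assess(SHOW_INVENTORY, "7.0(3)I7(4)"))
```

A device with a PID outside the listed subset is reported as not affected even on a vulnerable release, which is the advisory's own scoping; other platforms in the advisory need their own table.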
Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerabilities that are
    described in this advisory.

Source

  o These vulnerabilities were found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Arbitrary File Overwrite Vulnerability

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-file-write
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvh76022 CSCvj03856
CVE-2019-1729
CWE-20
CVSS Score:      6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI implementation of a specific command used for
    image maintenance for Cisco NX-OS Software could allow an authenticated,
    local attacker to overwrite any file on the file system including system
    files. These file overwrites by the attacker are accomplished at the root
    privilege level.

    The vulnerability occurs because there is no verification of user-input
    parameters and or digital-signature verification for image files when
    using a specific CLI command.
    An attacker could exploit this vulnerability by authenticating to the
    device and issuing a command at the CLI. Because an exploit could allow
    the attacker to overwrite any file on the disk, including system files, a
    denial of service (DoS) condition could occur. The attacker must have
    valid administrator credentials for the affected device to exploit this
    vulnerability.

    Cisco has released software updates that address this vulnerability.
    There are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-file-write

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric
         Infrastructure (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address this vulnerability.
Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.
    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS
    Software bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS
    Software Security Advisory Bundled Publication for a list of advisories in
    the bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh76022

       Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
       Prior to 7.0(3)I4              7.0(3)I4(9)
       7.0(3)I4                       7.0(3)I4(9)
       7.0(3)I7                       7.0(3)I7(4)
       9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvj03856

       Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
       7.0(3)                         7.0(3)F3(5)
       9.2                            Not vulnerable

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.
       Cisco MDS Series Switches
       Cisco Nexus 1000V for VMware Switch
       Cisco Nexus 3000 Series and 3500 Series Switches
       Cisco Nexus 5000 Series Switches
       Cisco Nexus 5500 Platform Switches
       Cisco Nexus 6000 Series Switches
       Cisco Nexus 7000 Series Switches
       Cisco Nexus 9000 Series Switches
       Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-file-write

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-bash-bypass
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvh76090 CSCvj01472 CSCvj01497
CVE-2019-1730
CWE-264
CVSS Score:      6.0  AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the Bash shell implementation for Cisco NX-OS Software
    could allow an authenticated, local attacker to bypass the limited command
    set of the restricted Guest Shell and execute commands at the privilege
    level of a network-admin user outside of the Guest Shell. The attacker
    must authenticate with valid administrator device credentials.

    The vulnerability is due to the incorrect implementation of a CLI command
    that allows a Bash command to be incorrectly invoked on the Guest Shell
    CLI. An attacker could exploit this vulnerability by authenticating to the
    device and entering a crafted command at the Guest Shell prompt. A
    successful exploit could allow the attacker to issue commands that should
    be restricted by a Guest Shell account.

    Cisco has released software updates that address this vulnerability.
    There are no workarounds that address this vulnerability.
    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric
         Infrastructure (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Details

  o In addition to the NX-OS CLI, Cisco NX-OS Software can support access to
    the Bash shell, which interprets commands that a user enters or that are
    read from a shell script. Bash enables access to and is used to manage the
    underlying Linux system on the device. In Cisco NX-OS Software, the Bash
    shell is accessible from user accounts that are associated with the Cisco
    NX-OS dev-ops role or the Cisco NX-OS network-admin role. For additional
    information, customers can refer to the Bash chapter of the Cisco NX-OS
    Programmability Guide.
Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.
    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS
    Software bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS
    Software Security Advisory Bundled Publication for a list of advisories in
    the bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.
    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh76090

       Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
       Prior to 7.0(3)I2              Not vulnerable
       7.0(3)I4                       7.0(3)I4(9)
       7.0(3)I7                       7.0(3)I7(4)
       9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvj01497

       Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
       7.0(3)                         7.0(3)F3(5)
       9.2                            Not vulnerable

    Nexus 7000 and 7700 Series Switches: CSCvj01472

       Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
       Prior to 8.3                   8.3(1)
       8.3                            8.3(1)

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

       Cisco MDS Series Switches
       Cisco Nexus 1000V for VMware Switch
       Cisco Nexus 3000 Series and 3500 Series Switches
       Cisco Nexus 5000 Series Switches
       Cisco Nexus 5500 Platform Switches
       Cisco Nexus 6000 Series Switches
       Cisco Nexus 7000 Series Switches
       Cisco Nexus 9000 Series Switches
       Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.
URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-overflow-inj
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvh76129 CSCvh76132 CSCvj00497 CSCvj10162
CVE-2019-1767 CVE-2019-1768
CWE-119 CWE-77
CVSS Score:      6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o Multiple vulnerabilities in the implementation of a specific CLI command
    for Cisco NX-OS Software could allow an authenticated, local attacker with
    administrator credentials to cause a buffer overflow condition or perform
    command injection. This could allow the attacker to execute arbitrary
    commands with elevated privileges on the underlying operating system of an
    affected device.

    The vulnerabilities are due to insufficient validation of arguments passed
    to a certain CLI command. An attacker could exploit these vulnerabilities
    by including malicious input as the argument of the affected CLI command.
    A successful exploit could allow the attacker to execute arbitrary
    commands on the underlying operating system with root privileges. An
    attacker would need valid administrator credentials to exploit these
    vulnerabilities.

    Cisco has released software updates that address these vulnerabilities.
    There are no workarounds that address these vulnerabilities.
    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj

Affected Products

  o Vulnerable Products

    These vulnerabilities affect the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by these vulnerabilities.

    Cisco has confirmed that these vulnerabilities do not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric
         Infrastructure (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address these vulnerabilities.

Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license.
    By installing, downloading, accessing, or otherwise using such software
    upgrades, customers agree to follow the terms of the Cisco software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do not
    entitle customers to a new software license, additional software feature
    sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the Cisco
    Security Advisories and Alerts page, to determine exposure and a complete
    upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded contain
    sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release. If
    the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but are
    unsuccessful in obtaining fixed software through their point of sale should
    obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared to
    provide the URL of this advisory as evidence of entitlement to a free upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle.
    See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software Security
    Advisory Bundled Publication for a list of advisories in the bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated in
    the applicable table in this section.

    In the following tables, the left column lists Cisco NX-OS Software releases.
    The right column indicates the first release that includes the fix for these
    vulnerabilities.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh76132 and CSCvh76129

      Cisco NX-OS Software Release   First Fixed Release for These Vulnerabilities
      Prior to 7.0(3)I4              7.0(3)I4(8)
      7.0(3)I4                       7.0(3)I4(8)
      7.0(3)I7                       7.0(3)I7(3)
      9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvj00497 and CSCvj10162

      Cisco NX-OS Software Release   First Fixed Release for These Vulnerabilities
      7.0(3)                         7.0(3)F3(5)
      9.2                            Not vulnerable

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco Nexus
    Switch, administrators can refer to the following Recommended Releases
    documents. If a security advisory recommends a later release, Cisco
    recommends following the advisory guidance.

      - Cisco MDS Series Switches
      - Cisco Nexus 1000V for VMware Switch
      - Cisco Nexus 3000 Series and 3500 Series Switches
      - Cisco Nexus 5000 Series Switches
      - Cisco Nexus 5500 Platform Switches
      - Cisco Nexus 6000 Series Switches
      - Cisco Nexus 7000 Series Switches
      - Cisco Nexus 9000 Series Switches
      - Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of any
    public announcements or malicious use of the vulnerabilities that are
    described in this advisory.
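    Determining exposure from Fixed Releases tables like the two above is a
    mechanical comparison of the running release against the row it falls in,
    but NX-OS release strings such as 7.0(3)I4(8) do not compare as plain
    version numbers, and a "Prior to" row covers every earlier train. The
    script below is an added example written for this bulletin, not Cisco code
    or a Cisco tool: it transcribes the two tables above, parses release
    strings into comparable tokens, and reports a running release as vulnerable,
    fixed, not vulnerable, or unknown. The token ordering, the "Prior to" and
    train-prefix row matching, and the `show version` line formats it scans for
    are this example's own assumptions; the sample `show version` text is
    constructed, not captured from a device. The same functions accept the Fixed
    Releases tables of the other advisories in this bulletin once they are
    transcribed in the same row form.

```python
"""NX-OS release exposure check driven by an advisory's Fixed Releases table.

Added example, not Cisco code. The table rows are transcribed from the
cisco-sa-20190515-nxos-overflow-inj advisory; the parsing and comparison
rules are this example's assumptions about how NX-OS release strings order.
"""
import re

NOT_VULNERABLE = "Not vulnerable"
NO_FIX = "No fix available"

# Transcribed from the advisory (CSCvh76132/CSCvh76129 and CSCvj00497/CSCvj10162).
# Each row: (release family as printed in the left column, first fixed release).
N3K_N3500_N9K_TABLE = [
    ("Prior to 7.0(3)I4", "7.0(3)I4(8)"),
    ("7.0(3)I4", "7.0(3)I4(8)"),
    ("7.0(3)I7", "7.0(3)I7(3)"),
    ("9.2(1)", NOT_VULNERABLE),
]
N3600_N9500R_TABLE = [
    ("7.0(3)", "7.0(3)F3(5)"),
    ("9.2", NOT_VULNERABLE),
]


def parse_release(release: str) -> tuple:
    """Split "7.0(3)I4(8)" into ((0,7),(0,0),(0,3),(1,'I'),(0,4),(0,8)).

    Numbers become (0, int) and letter runs (1, str), so tuples compare
    without mixing ints and strings. Assumption: within one platform train,
    later releases sort higher under this ordering (true for the tables here).
    """
    tokens = re.findall(r"\d+|[A-Za-z]+", release)
    return tuple((0, int(t)) if t.isdigit() else (1, t) for t in tokens)


def _row_matches(running: tuple, family: str) -> bool:
    """"Prior to X" matches anything that sorts below X; any other row label is
    a train prefix ("7.0(3)I7" matches 7.0(3)I7(1), 7.0(3)I7(2), ...)."""
    if family.startswith("Prior to "):
        return running < parse_release(family[len("Prior to "):])
    prefix = parse_release(family)
    return running[:len(prefix)] == prefix


def assess(release: str, table) -> str:
    """Return "vulnerable", "fixed", "not vulnerable", "no fix available" or "unknown"."""
    running = parse_release(release)
    for family, first_fixed in table:
        if not _row_matches(running, family):
            continue
        if first_fixed == NOT_VULNERABLE:
            return "not vulnerable"
        if first_fixed == NO_FIX:
            return "no fix available"
        return "fixed" if running >= parse_release(first_fixed) else "vulnerable"
    # Trains the table does not list (for example 7.0(3)I5 or I6 here) are
    # reported as unknown rather than guessed; resolve them against the advisory.
    return "unknown"


# Constructed, abbreviated `show version` output; not captured from a real device.
SAMPLE_SHOW_VERSION = """\
Cisco Nexus Operating System (NX-OS) Software
Software
  BIOS: version 07.64
  NXOS: version 7.0(3)I7(2)
  BIOS compile time:  05/16/2018
"""

# Assumed line formats: "NXOS: version X" (Nexus 3000/9000) and "system: version X".
_VERSION_LINE = re.compile(r"^\s*(?:NXOS|system):\s+version\s+(\S+)", re.MULTILINE)


def release_from_show_version(text: str):
    """Pull the release string out of `show version` output, or None if absent."""
    m = _VERSION_LINE.search(text)
    return m.group(1) if m else None


if __name__ == "__main__":
    rel = release_from_show_version(SAMPLE_SHOW_VERSION)
    print(rel, "->", assess(rel, N3K_N3500_N9K_TABLE))
```

    Feed `assess` the release string from each device's `show version` and the
    table for its platform; a release that falls in no row is reported as
    unknown, which is the right answer for a train the table does not mention.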
Source

  o These vulnerabilities were found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software CLI Bypass to Internal Service Vulnerability

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-cli-bypass
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
CVE-2019-1726
CWE-20
CVSS Score:      5.3 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to access internal services that should be
    restricted on an affected device, such as the NX-API.

    The vulnerability is due to insufficient validation of arguments passed to a
    certain CLI command. An attacker could exploit this vulnerability by
    including malicious input as the argument to the affected command. A
    successful exploit could allow the attacker to bypass intended restrictions
    and access internal services of the device. An attacker would need valid
    device credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.
    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cli-bypass

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

      - MDS 9000 Series Multilayer Switches
      - Nexus 3000 Series Switches
      - Nexus 3500 Platform Switches
      - Nexus 3600 Platform Switches
      - Nexus 5500 Platform Switches
      - Nexus 5600 Platform Switches
      - Nexus 6000 Series Switches
      - Nexus 7000 Series Switches
      - Nexus 7700 Series Switches
      - Nexus 9000 Series Switches in standalone NX-OS mode
      - Nexus 9500 R-Series Switching Platform
      - UCS 6200 Series Fabric Interconnects
      - UCS 6300 Series Fabric Interconnects
      - UCS 6400 Series Fabric Interconnects

    For information about which Cisco NX-OS Software releases are vulnerable, see
    the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory are
    known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

      - Firepower 2100 Series
      - Firepower 4100 Series
      - Firepower 9300 Security Appliances
      - Nexus 1000V Switch for Microsoft Hyper-V
      - Nexus 1000V Switch for VMware vSphere
      - Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support for
    software versions and feature sets for which they have purchased a license.
    By installing, downloading, accessing, or otherwise using such software
    upgrades, customers agree to follow the terms of the Cisco software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do not
    entitle customers to a new software license, additional software feature
    sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the Cisco
    Security Advisories and Alerts page, to determine exposure and a complete
    upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded contain
    sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release. If
    the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but are
    unsuccessful in obtaining fixed software through their point of sale should
    obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared to
    provide the URL of this advisory as evidence of entitlement to a free upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle.
    See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software Security
    Advisory Bundled Publication for a list of advisories in the bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated in
    the applicable table in this section.

    In the following tables, the left column lists Cisco NX-OS Software releases.
    The right column indicates the first release that includes the fix for this
    vulnerability.

    MDS 9000 Series Multilayer Switches: CSCvi99248

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      5.2                            6.2(25)
      6.2                            6.2(25)
      7.3                            8.3(2)
      8.1                            8.3(2)
      8.2                            8.3(2)
      8.3                            8.3(2)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvh24771

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 7.0(3)I7              7.0(3)I7(3)
      7.0(3)I7                       7.0(3)I7(3)
      9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvi99250

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 6.0(2)A8              6.0(2)A8(11)
      6.0(2)A8                       6.0(2)A8(11)
      7.0(3)                         7.0(3)I7(3)
      9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvi99247

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      7.0(3)                         9.2(1)
      9.2                            9.2(1)

    Nexus 5500, 5600, and 6000 Series Switches: CSCvi99251

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 7.3                   7.3(4)N1(1)
      7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvi99248

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 6.2                   6.2(22)
      6.2                            6.2(22)
      7.2                            7.3(3)D1(1)
      7.3                            7.3(3)D1(1)
      8.0                            8.3(2)
      8.1                            8.3(2)
      8.2                            8.3(2)
      8.3                            8.3(2)

    UCS 6200, 6300, and 6400 Series Fabric Interconnects: CSCvi99252 and
    CSCvn11851

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 4.0                   4.0(1d)
      4.0                            4.0(1d)

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco Nexus
    Switch, administrators can refer to the following Recommended Releases
    documents. If a security advisory recommends a later release, Cisco
    recommends following the advisory guidance.

      - Cisco MDS Series Switches
      - Cisco Nexus 1000V for VMware Switch
      - Cisco Nexus 3000 Series and 3500 Series Switches
      - Cisco Nexus 5000 Series Switches
      - Cisco Nexus 5500 Platform Switches
      - Cisco Nexus 6000 Series Switches
      - Cisco Nexus 7000 Series Switches
      - Cisco Nexus 9000 Series Switches
      - Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of any
    public announcements or malicious use of the vulnerability that is described
    in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cli-bypass

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774,
CVE-2019-1775)

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1774-1775
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvh75895 CSCvh75909 CSCvh75968 CSCvh75976 CSCvi92256
                 CSCvi92258 CSCvi92260 CSCvi99195 CSCvi99197 CSCvi99198
CVE-2019-1774 CVE-2019-1775
CWE-78
CVSS Score:      6.7 AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o Multiple vulnerabilities in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to execute arbitrary commands on the underlying
    operating system of an affected device.

    These vulnerabilities are due to insufficient validation of arguments passed
    to certain CLI commands. An attacker could exploit these vulnerabilities by
    including malicious input as the argument of an affected command. A
    successful exploit could allow the attacker to execute arbitrary commands on
    the underlying operating system with elevated privileges. An attacker would
    need valid administrator credentials to exploit these vulnerabilities.

    Cisco has released software updates that address these vulnerabilities.
    There are no workarounds that address these vulnerabilities.
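    This summary and the cisco-sa-20190515-nxos-overflow-inj summary earlier in
    this bulletin describe the same root cause: an argument typed at the NX-OS
    CLI reaches the underlying operating system without sufficient validation,
    and the CLI process runs with more privilege than the operator's session is
    meant to have. The advisories do not disclose which commands are affected,
    so the snippet below is an added, generic illustration of that bug class
    (CWE-78), not Cisco's code: a made-up wrapper that hands an argument to
    printf(1) first through a shell string, then through a validated argv list
    that no shell interprets. The allowlist pattern, the use of printf, and the
    "bootflash:" style of the sample arguments are this example's choices.

```python
"""Shell-string versus validated argv-list argument handling (generic CWE-78).

Added example, not Cisco code. The affected NX-OS command is not disclosed, so
a made-up wrapper around printf(1) stands in for a CLI command that shells out.
"""
import re
import subprocess


class ArgumentRejected(ValueError):
    """Raised by the hardened wrapper when an argument fails validation."""


def run_vulnerable(filename: str) -> str:
    """The flawed pattern: the operator-supplied argument is spliced into a
    shell command line, so metacharacters in it (; | & $( ) ` newline) are
    interpreted by /bin/sh instead of being delivered to the program as data.
    Whatever privilege this process holds, the injected command holds too."""
    cmd = "printf 'requested %s\\n' " + filename
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


# Allowlist for a filesystem-style argument such as "bootflash:image.bin":
# letters, digits and a few punctuation characters, bounded length, and no
# leading "-" so the value can never be parsed as an option (argument
# injection, a separate problem from shell injection).
_SAFE_ARGUMENT = re.compile(r"[A-Za-z0-9_][A-Za-z0-9_.:/-]{0,254}")


def is_safe_argument(value: str) -> bool:
    """True when value matches the allowlist and has no ".." path segment."""
    if not _SAFE_ARGUMENT.fullmatch(value):
        return False
    return ".." not in value.split("/")


def run_hardened(filename: str) -> str:
    """Validate first, then execute without a shell: the argument travels as a
    single argv element, so even a character the allowlist missed would reach
    printf as literal data rather than be interpreted."""
    if not is_safe_argument(filename):
        raise ArgumentRejected(f"argument rejected: {filename!r}")
    result = subprocess.run(
        ["printf", "requested %s\\n", filename],
        capture_output=True, text=True, check=True,
    )
    return result.stdout


def hardened_rejects(filename: str) -> bool:
    """Convenience wrapper: does the hardened path refuse this argument?"""
    try:
        run_hardened(filename)
    except ArgumentRejected:
        return True
    return False


if __name__ == "__main__":
    payload = "bootflash:image.bin; echo INJECTED"   # constructed sample argument
    print("vulnerable :", repr(run_vulnerable(payload)))
    print("hardened   :", "rejected" if hardened_rejects(payload) else "accepted")
```

    Both halves of the hardened path matter: the allowlist stops metacharacters
    and option-looking values before anything runs, and the argv list removes
    the shell from the picture so that a validation gap does not become code
    execution. In the shell-string form every argument is potentially code that
    runs with the CLI process's privilege, which is exactly the escalation these
    advisories describe.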
    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775

Affected Products

  o Vulnerable Products

    These vulnerabilities affect the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

      - MDS 9000 Series Multilayer Switches
      - Nexus 3000 Series Switches
      - Nexus 3500 Platform Switches
      - Nexus 3600 Platform Switches
      - Nexus 5500 Platform Switches
      - Nexus 5600 Platform Switches
      - Nexus 6000 Series Switches
      - Nexus 7000 Series Switches
      - Nexus 7700 Series Switches
      - Nexus 9000 Series Switches in standalone NX-OS mode
      - Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable, see
    the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory are
    known to be affected by these vulnerabilities.

    Cisco has confirmed that these vulnerabilities do not affect the following
    Cisco products:

      - Firepower 2100 Series
      - Firepower 4100 Series
      - Firepower 9300 Security Appliances
      - Nexus 1000V Switch for Microsoft Hyper-V
      - Nexus 1000V Switch for VMware vSphere
      - Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
      - UCS 6200 Series Fabric Interconnects
      - UCS 6300 Series Fabric Interconnects
      - UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. The
    following table shows the affected products for each vulnerability by Cisco
    bug ID and CVE ID.
    Platform columns of the table: FP 4100/9300; MDS 9K/N7K/N7700 (^1); N1000V
    MS/VM; N3K/N3500/N9K-NXOS; N3600/N9500R; N5500/N5600/N6K; UCS 6200/6300/6400
    (^2). Bug IDs are listed per platform; N/A means the platform is not
    affected by that advisory.

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)
      MDS 9K/N7K/N7700:      CSCvj63728
      N1000V MS/VM:          CSCvk52969, CSCvk52985
      N3K/N3500/N9K-NXOS:    CSCvj63877, CSCvk52971
      N3600/N9500R:          CSCvk52988
      N5500/N5600/N6K:       CSCvk52972
      UCS 6200/6300/6400:    CSCvk52975
      N/A:                   FP 4100/9300

    Cisco NX-OS Software Line Card Command Injection Vulnerability
    (CVE-2019-1769)
      N3K/N3500/N9K-NXOS:    CSCvh20032
      N3600/N9500R:          CSCvj00299
      N/A:                   FP 4100/9300, MDS 9K/N7K/N7700, N1000V MS/VM,
                             N5500/N5600/N6K, UCS 6200/6300/6400

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1770)
      MDS 9K/N7K/N7700:      CSCvh75867 ^1
      N1000V MS/VM:          CSCvi92240
      N3K/N3500/N9K-NXOS:    CSCvh75958
      N3600/N9500R:          CSCvi92239
      N5500/N5600/N6K:       CSCvi92243
      N/A:                   FP 4100/9300, UCS 6200/6300/6400
      Additional bug IDs in this row (platform not indicated): CSCvk36294,
      CSCvi92242

    Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774,
    CVE-2019-1775)
      MDS 9K/N7K/N7700:      CSCvh75895, CSCvh75909
      N3K/N3500/N9K-NXOS:    CSCvh75968, CSCvh75976, CSCvi99197, CSCvi92258
      N3600/N9500R:          CSCvi99195, CSCvi92256
      N5500/N5600/N6K:       CSCvi99198, CSCvi92260
      N/A:                   FP 4100/9300, N1000V MS/VM, UCS 6200/6300/6400

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)
      MDS 9K/N7K/N7700:      CSCvh20081
      N3K/N3500/N9K-NXOS:    CSCvh20076
      N3600/N9500R:          CSCvi96429
      N5500/N5600/N6K:       CSCvi96432
      UCS 6200/6300/6400:    CSCvi96433 ^2
      N/A:                   FP 4100/9300, N1000V MS/VM
      Additional bug ID in this row (platform not indicated): CSCvi96431

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778)
      N3K/N3500/N9K-NXOS:    CSCvh75996
      N3600/N9500R:          CSCvj03877
      N/A:                   FP 4100/9300, MDS 9K/N7K/N7700, N1000V MS/VM,
                             N5500/N5600/N6K, UCS 6200/6300/6400

    Cisco FXOS and NX-OS Software Command Injection Vulnerability
    (CVE-2019-1779)
      FP 4100/9300:          CSCvj00418
      MDS 9K/N7K/N7700:      CSCve51688
      N3K/N3500/N9K-NXOS:    CSCvh76126
      N3600/N9500R:          CSCvj00412
      N5500/N5600/N6K:       CSCvj00416
      N/A:                   N1000V MS/VM, UCS 6200/6300/6400

    Cisco FXOS and NX-OS Software Command Injection Vulnerability
    (CVE-2019-1780)
      FP 4100/9300:          CSCvi92332
      MDS 9K/N7K/N7700:      CSCvi01440
      N3K/N3500/N9K-NXOS:    CSCvi01431
      N3600/N9500R:          CSCvi92326
      N5500/N5600/N6K:       CSCvi92329
      N/A:                   N1000V MS/VM, UCS 6200/6300/6400
      Additional bug ID in this row (platform not indicated): CSCvi92328

    Cisco FXOS and NX-OS Software Command Injection Vulnerabilities
    (CVE-2019-1781, CVE-2019-1782)
      FP 4100/9300:          CSCvi96527
      MDS 9K/N7K/N7700:      CSCvi01448
      N3K/N3500/N9K-NXOS:    CSCvi01445
      N3600/N9500R:          CSCvi96522
      N5500/N5600/N6K:       CSCvi96525
      UCS 6200/6300/6400:    CSCvi96526 ^2
      N/A:                   N1000V MS/VM
      Additional bug IDs in this row (platform not indicated): CSCvi92130,
      CSCvh20389, CSCvh20027, CSCvi91985, CSCvi92128, CSCvi96524, CSCvi92129,
      CSCvi92126 ^2

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1783)
      MDS 9K/N7K/N7700:      CSCvi42281 ^1
      N5500/N5600/N6K:       CSCvj03966
      N/A:                   FP 4100/9300, N1000V MS/VM, N3K/N3500/N9K-NXOS,
                             N3600/N9500R, UCS 6200/6300/6400

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784)
      MDS 9K/N7K/N7700:      CSCvi42292 ^1
      N5500/N5600/N6K:       CSCvj12273
      UCS 6200/6300/6400:    CSCvj12274 ^2
      N/A:                   FP 4100/9300, N1000V MS/VM, N3K/N3500/N9K-NXOS,
                             N3600/N9500R

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)
      MDS 9K/N7K/N7700:      CSCvh20112
      N3K/N3500/N9K-NXOS:    CSCvh20096
      N3600/N9500R:          CSCvi96504
      N5500/N5600/N6K:       CSCvi96509
      UCS 6200/6300/6400:    CSCvi96510 ^2
      N/A:                   FP 4100/9300, N1000V MS/VM

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)
      MDS 9K/N7K/N7700:      CSCvj63667
      N3K/N3500/N9K-NXOS:    CSCvj63270
      N3600/N9500R:          CSCvk50889
      N5500/N5600/N6K:       CSCvk50876
      N/A:                   FP 4100/9300, N1000V MS/VM, UCS 6200/6300/6400
      Additional bug ID in this row (platform not indicated): CSCvk50873

    Cisco FXOS and NX-OS Software Command Injection Vulnerability
    (CVE-2019-1795)
      FP 4100/9300:          CSCvh66259
      MDS 9K/N7K/N7700:      CSCvh20359
      N1000V MS/VM:          CSCvh66257
      N3K/N3500/N9K-NXOS:    CSCvh20029
      N3600/N9500R:          CSCvh66202
      N5500/N5600/N6K:       CSCvh66214
      UCS 6200/6300/6400:    CSCvh66243 ^2
      Additional bug IDs in this row (platform not indicated): CSCvk30761,
      CSCvh66219

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series and
       Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
       not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
       defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
       affected).

Workarounds

  o There are no workarounds that address these vulnerabilities.

Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support for
    software versions and feature sets for which they have purchased a license.

    By installing, downloading, accessing, or otherwise using such software
    upgrades, customers agree to follow the terms of the Cisco software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do not
    entitle customers to a new software license, additional software feature
    sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the Cisco
    Security Advisories and Alerts page, to determine exposure and a complete
    upgrade solution.
    In all cases, customers should ensure that the devices to be upgraded contain
    sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release. If
    the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but are
    unsuccessful in obtaining fixed software through their point of sale should
    obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared to
    provide the URL of this advisory as evidence of entitlement to a free upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated in
    the applicable table in this section.

    In the following tables, the left column lists Cisco NX-OS Software releases.
    The right column indicates the first release that includes the fix for the
    vulnerabilities that are described in this advisory.
    MDS 9000 Series Multilayer Switches: CSCvh75895 and CSCvh75909

      Cisco NX-OS Software Release   First Fixed Release for These Vulnerabilities
      5.2                            6.2(25)
      6.2                            6.2(25)
      7.3                            8.1(1b)
      8.1                            8.1(1b)
      8.2                            8.3(1)
      8.3                            8.3(1)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvh75968 and CSCvh75976

      Cisco NX-OS Software Release   First Fixed Release for These Vulnerabilities
      Prior to 7.0(3)I4              7.0(3)I4(9)
      7.0(3)I4                       7.0(3)I4(9)
      7.0(3)I7                       7.0(3)I7(4)
      9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvi99197 and CSCvi92258

      Cisco NX-OS Software Release   First Fixed Release for These Vulnerabilities
      Prior to 6.0(2)A8              6.0(2)A8(11)
      6.0(2)A8                       6.0(2)A8(11)
      7.0(3)I4                       7.0(3)I4(9)
      7.0(3)I7                       7.0(3)I7(4)
      9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvi99195 and CSCvi92256

      Cisco NX-OS Software Release   First Fixed Release for These Vulnerabilities
      7.0(3)                         7.0(3)F3(5)
      9.2                            Not vulnerable

    Nexus 5500, 5600, and 6000 Series Switches: CSCvi99198 and CSCvi92260

      Cisco NX-OS Software Release   First Fixed Release for These Vulnerabilities
      Prior to 7.3                   7.3(4)N1(1)
      7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvh75895 and CSCvh75909

      Cisco NX-OS Software Release   First Fixed Release for These Vulnerabilities
      Prior to 6.2                   6.2(22)
      6.2                            6.2(22)
      7.2                            7.3(3)D1(1)
      7.3                            7.3(3)D1(1)
      8.0                            8.3(1)
      8.1                            8.3(1)
      8.2                            8.3(1)
      8.3                            8.3(1)

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco Nexus
    Switch, administrators can refer to the following Recommended Releases
    documents. If a security advisory recommends a later release, Cisco
    recommends following the advisory guidance.
      - Cisco MDS Series Switches
      - Cisco Nexus 1000V for VMware Switch
      - Cisco Nexus 3000 Series and 3500 Series Switches
      - Cisco Nexus 5000 Series Switches
      - Cisco Nexus 5500 Platform Switches
      - Cisco Nexus 6000 Series Switches
      - Cisco Nexus 7000 Series Switches
      - Cisco Nexus 9000 Series Switches
      - Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of any
    public announcements or malicious use of the vulnerabilities that are
    described in this advisory.

Source

  o These vulnerabilities were found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1735
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvj63728 CSCvj63877 CSCvk52969 CSCvk52971 CSCvk52972
                 CSCvk52975 CSCvk52985 CSCvk52988
CVE-2019-1735
CWE-77
CVSS Score:      4.4 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to execute arbitrary commands with elevated
    privileges on the underlying operating system of an affected device.

    The vulnerability is due to insufficient validation of arguments passed to
    certain CLI commands. An attacker could exploit this vulnerability by
    including malicious input as the argument of an affected command. A
    successful exploit could allow the attacker to execute arbitrary commands on
    the underlying operating system with elevated privileges. An attacker would
    need valid user credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.
    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

      - MDS 9000 Series Multilayer Switches
      - Nexus 1000 Virtual Edge
      - Nexus 1000V Switch for Microsoft Hyper-V
      - Nexus 1000V Switch for VMware vSphere
      - Nexus 3000 Series Switches
      - Nexus 3500 Platform Switches
      - Nexus 3600 Platform Switches
      - Nexus 5500 Platform Switches
      - Nexus 5600 Platform Switches
      - Nexus 6000 Series Switches
      - Nexus 7000 Series Switches
      - Nexus 7700 Series Switches
      - Nexus 9000 Series Switches in standalone NX-OS mode
      - Nexus 9500 R-Series Switching Platform
      - UCS 6200 Series Fabric Interconnects
      - UCS 6300 Series Fabric Interconnects
      - UCS 6400 Series Fabric Interconnects

    For information about which Cisco NX-OS Software releases are vulnerable, see
    the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory are
    known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

      - Firepower 2100 Series
      - Firepower 4100 Series
      - Firepower 9300 Security Appliances
      - Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. The
    following table shows the affected products for each vulnerability by Cisco
    bug ID and CVE ID.
    The table is the same as the one in the Details section of the
    cisco-sa-20190515-nxos-cmdinj-1774-1775 advisory above, including its two
    footnotes. The row for this advisory (CVE-2019-1735) lists CSCvj63728 for
    MDS 9K/N7K/N7700, CSCvk52969 and CSCvk52985 for N1000V MS/VM, CSCvj63877
    and CSCvk52971 for N3K/N3500/N9K-NXOS, CSCvk52988 for N3600/N9500R,
    CSCvk52972 for N5500/N5600/N6K, and CSCvk52975 for UCS 6200/6300/6400; FP
    4100/9300 is N/A.

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support for
    software versions and feature sets for which they have purchased a license.

    By installing, downloading, accessing, or otherwise using such software
    upgrades, customers agree to follow the terms of the Cisco software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do not
    entitle customers to a new software license, additional software feature
    sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the Cisco
    Security Advisories and Alerts page, to determine exposure and a complete
    upgrade solution.
    In all cases, customers should ensure that the devices to be upgraded contain
    sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release. If
    the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but are
    unsuccessful in obtaining fixed software through their point of sale should
    obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared to
    provide the URL of this advisory as evidence of entitlement to a free upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated in
    the applicable table in this section.

    In the following tables, the left column lists Cisco NX-OS Software releases.
    The right column indicates the first release that includes the fix for this
    vulnerability.
    MDS 9000 Series Multilayer Switches: CSCvj63728

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 8.3                   8.3(1)
      8.3                            8.3(1)

    Nexus 1000 Virtual Edge: CSCvk52969

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      5.2                            5.2(1)SV5(1.1)

    Nexus 1000V Switch for Microsoft Hyper-V: CSCvk52985

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 5.2                   No fix available
      5.2                            No fix available

    Nexus 1000V Switch for VMware vSphere: CSCvk52969

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 5.2                   5.2(1)SV3(4.1a)
      5.2                            5.2(1)SV3(4.1a)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvj63877

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 7.0(3)I4              7.0(3)I4(9)
      7.0(3)I4                       7.0(3)I4(9)
      7.0(3)I7                       7.0(3)I7(6)
      9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvk52971

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 6.0(2)A8              6.0(2)A8(11)
      6.0(2)A8                       6.0(2)A8(11)
      7.0(3)I4                       7.0(3)I4(9)
      7.0(3)I7                       7.0(3)I7(6)
      9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvk52988

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      7.0(3)                         7.0(3)F3(5)
      9.2                            Not vulnerable

    Nexus 5500 and 5600 Platform Switches and 6000 Series Switches: CSCvk52972

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 7.3                   7.3(4)N1(1)
      7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvj63728

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 6.2                   6.2(22)
      6.2                            6.2(22)
      7.2                            7.3(3)D1(1)
      7.3                            7.3(3)D1(1)
      8.0                            8.3(1)
      8.1                            8.3(1)
      8.2                            8.3(1)
      8.3                            8.3(1)

    UCS 6200, 6300, and 6400 Series Fabric Interconnects: CSCvk52975

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 4.0                   4.0(2a)
      4.0                            4.0(2a)

Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch,
    administrators can refer to the following Recommended Releases documents.
    If a security advisory recommends a later release, Cisco recommends
    following the advisory guidance.

      Cisco MDS Series Switches
      Cisco Nexus 1000V for VMware Switch
      Cisco Nexus 3000 Series and 3500 Series Switches
      Cisco Nexus 5000 Series Switches
      Cisco Nexus 5500 Platform Switches
      Cisco Nexus 6000 Series Switches
      Cisco Nexus 7000 Series Switches
      Cisco Nexus 9000 Series Switches
      Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1770)

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1770
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
CVE-2019-1770
CWE-78
CVSS Score: 4.2 AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker with administrator credentials to execute
    arbitrary commands on the underlying Linux operating system with the
    privilege level of root.

    The vulnerability is due to insufficient validation of arguments passed
    to a specific CLI command on the affected device. An attacker could
    exploit this vulnerability by including malicious input as the argument
    of an affected command. A successful exploit could allow the attacker to
    execute arbitrary commands on the underlying Linux operating system with
    elevated privileges. An attacker would need valid administrator
    credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability.
    There are no workarounds that address this vulnerability.
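The defect class behind this and the sibling advisories (CWE-78: an argument accepted by a privileged CLI handler reaches an underlying Linux command without adequate validation) is clearest when the unsafe pattern sits beside its hardened form. The Python below is an added illustration for this bulletin, not Cisco code and not the affected NX-OS command: the `cat` utility, the `/bootflash/` path, the file-name grammar and every function name are assumptions made for the example.

```python
"""CWE-78 in a privileged CLI handler: unsafe pattern and hardened form.

Added example, not Cisco code. It models a hypothetical CLI command that
displays a file under /bootflash/ by handing the user's argument to a Linux
utility. Utility name, path and file-name grammar are assumptions.
"""
import re
import shlex
import subprocess
from typing import Dict, List, Union

# Allowlist describing the only shape a file-name argument may take.
# Shell metacharacters, whitespace, path separators and a leading '-'
# (which the utility would parse as an option) all fall outside it.
_SAFE_FILENAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,254}")


class ArgumentError(ValueError):
    """Raised when a CLI argument fails allowlist validation."""


def build_command_unsafe(filename: str) -> str:
    """The vulnerable pattern: the argument is spliced into a command line
    that a shell will parse, with no validation at all. If the handler runs
    as root, any shell syntax the argument carries runs as root too.
    Shown only for contrast; nothing in this module executes it."""
    return "cat /bootflash/" + filename


def is_valid_filename(filename: str) -> bool:
    """True if the argument matches the allowlist exactly (whole string)."""
    return _SAFE_FILENAME.fullmatch(filename) is not None


def validate_filename(filename: str) -> str:
    """Return the argument unchanged, or raise ArgumentError."""
    if not is_valid_filename(filename):
        raise ArgumentError(f"rejected CLI argument: {filename!r}")
    return filename


def build_command_safe(filename: str) -> List[str]:
    """Hardened form: validate first, then build an argv list so the argument
    reaches the utility as one parameter and no shell ever parses it.
    The '--' terminator stops the utility treating it as an option."""
    return ["cat", "--", "/bootflash/" + validate_filename(filename)]


def build_command_quoted(filename: str) -> str:
    """Fallback for the rare case where a shell is unavoidable: validate, then
    quote. Quoting alone is weaker than the argv form and does not replace
    the allowlist."""
    return "cat -- /bootflash/" + shlex.quote(validate_filename(filename))


def run_safe(filename: str, timeout: float = 5.0) -> subprocess.CompletedProcess:
    """Execute the validated argv without a shell and with a timeout."""
    return subprocess.run(build_command_safe(filename), shell=False,
                          capture_output=True, text=True, timeout=timeout)


def classify(arguments: List[str]) -> Dict[str, Union[List[str], str]]:
    """For each argument, the argv the hardened handler would run, or the
    reason it refused the argument."""
    outcome: Dict[str, Union[List[str], str]] = {}
    for arg in arguments:
        try:
            outcome[arg] = build_command_safe(arg)
        except ArgumentError as exc:
            outcome[arg] = str(exc)
    return outcome


if __name__ == "__main__":
    # Constructed sample arguments: one legitimate, three that must be refused.
    for arg, result in classify(["startup.cfg", "startup.cfg; ls",
                                 "../etc/hosts", "-v"]).items():
        print(f"{arg!r:22} -> {result}")
```

The point of the two builders is that the fix is not escaping: `build_command_safe` never gives a shell anything to interpret, and the allowlist rejects an argument before it reaches the utility at all. The `-- ` terminator is what prevents an argument that starts with a dash from being read as an option, which a character allowlist on its own would not catch if it permitted a leading hyphen.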
    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1770

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

      Nexus 1000V Switch for Microsoft Hyper-V
      Nexus 1000V Switch for VMware vSphere
      Nexus 3000 Series Switches
      Nexus 3500 Platform Switches
      Nexus 3600 Platform Switches
      Nexus 5500 Platform Switches
      Nexus 5600 Platform Switches
      Nexus 6000 Series Switches
      Nexus 7000 Series Switches
      Nexus 7700 Series Switches
      Nexus 9000 Series Switches in standalone NX-OS mode
      Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

      Firepower 2100 Series
      Firepower 4100 Series
      Firepower 9300 Security Appliances
      MDS 9000 Series Multilayer Switches
      Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
      (ACI) mode
      UCS 6200 Series Fabric Interconnects
      UCS 6300 Series Fabric Interconnects
      UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Security Advisory                 | FP 4100/   | MDS 9K/    | N1000V     | N3K/N3500/ | N3600/     | N5500K/    | UCS 6200/  |
    |                                   | 9300       | N7K/       | MS/VM      | N9K-NXOS   | N9500R     | N5600/     | UCS 6300/  |
    |                                   |            | N7700 ^1   |            |            |            | N6K        | UCS 6400 ^2|
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvj63728 | CSCvk52969 | CSCvj63877 | CSCvk52988 | CSCvk52972 | CSCvk52975 |
    | Command Injection Vulnerability   |            |            | CSCvk52985 | CSCvk52971 |            |            |            |
    | (CVE-2019-1735)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software Line Card    | N/A        | N/A        | N/A        | CSCvh20032 | CSCvj00299 | N/A        | N/A        |
    | Command Injection Vulnerability   |            |            |            |            |            |            |            |
    | (CVE-2019-1769)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvh75867 | CSCvi92240 | CSCvh75958 | CSCvi92239 | CSCvi92243 | N/A        |
    | Command Injection Vulnerability   |            | ^1         | CSCvk36294 | CSCvi92242 |            |            |            |
    | (CVE-2019-1770)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvh75895 | N/A        | CSCvh75968 | CSCvi99195 | CSCvi99198 | N/A        |
    | Command Injection Vulnerabilities |            | CSCvh75909 |            | CSCvh75976 | CSCvi92256 | CSCvi92260 |            |
    | (CVE-2019-1774, CVE-2019-1775)    |            |            |            | CSCvi99197 |            |            |            |
    |                                   |            |            |            | CSCvi92258 |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvh20081 | N/A        | CSCvh20076 | CSCvi96429 | CSCvi96432 | CSCvi96433 |
    | Command Injection Vulnerability   |            |            |            | CSCvi96431 |            |            | ^2         |
    | (CVE-2019-1776)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | N/A        | N/A        | CSCvh75996 | CSCvj03877 | N/A        | N/A        |
    | Command Injection Vulnerability   |            |            |            |            |            |            |            |
    | (CVE-2019-1778)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco FXOS and NX-OS Software     | CSCvj00418 | CSCve51688 | N/A        | CSCvh76126 | CSCvj00412 | CSCvj00416 | N/A        |
    | Command Injection Vulnerability   |            |            |            |            |            |            |            |
    | (CVE-2019-1779)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco FXOS and NX-OS Software     | CSCvi92332 | CSCvi01440 | N/A        | CSCvi01431 | CSCvi92326 | CSCvi92329 | N/A        |
    | Command Injection Vulnerability   |            |            |            | CSCvi92328 |            |            |            |
    | (CVE-2019-1780)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco FXOS and NX-OS Software     | CSCvi96527 | CSCvi01448 | N/A        | CSCvi01445 | CSCvi96522 | CSCvi96525 | CSCvi96526 |
    | Command Injection Vulnerabilities | CSCvi92130 | CSCvh20389 |            | CSCvh20027 | CSCvi91985 | CSCvi92128 | ^2         |
    | (CVE-2019-1781, CVE-2019-1782)    |            |            |            | CSCvi96524 |            |            | CSCvi92129 |
    |                                   |            |            |            | CSCvi92126 |            |            | ^2         |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvi42281 | N/A        | N/A        | N/A        | CSCvj03966 | N/A        |
    | Command Injection Vulnerability   |            | ^1         |            |            |            |            |            |
    | (CVE-2019-1783)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvi42292 | N/A        | N/A        | N/A        | CSCvj12273 | CSCvj12274 |
    | Command Injection Vulnerability   |            | ^1         |            |            |            |            | ^2         |
    | (CVE-2019-1784)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvh20112 | N/A        | CSCvh20096 | CSCvi96504 | CSCvi96509 | CSCvi96510 |
    | Command Injection Vulnerability   |            |            |            |            |            |            | ^2         |
    | (CVE-2019-1790)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvj63667 | N/A        | CSCvj63270 | CSCvk50889 | CSCvk50876 | N/A        |
    | Command Injection Vulnerability   |            |            |            | CSCvk50873 |            |            |            |
    | (CVE-2019-1791)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco FXOS and NX-OS Software     | CSCvh66259 | CSCvh20359 | CSCvh66257 | CSCvh20029 | CSCvh66202 | CSCvh66214 | CSCvh66243 |
    | Command Injection Vulnerability   |            |            | CSCvk30761 | CSCvh66219 |            |            | ^2         |
    | (CVE-2019-1795)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
       and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches
       are not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
       defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
       affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.
    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS
    Software bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS
    Software Security Advisory Bundled Publication for a list of advisories in
    the bundle. Customers who have not applied a recommended release to address
    the March 2019 bundle are advised to upgrade to an appropriate release as
    indicated in the applicable table in this section.

    In the following tables, the left column lists Cisco NX-OS Software
    releases. The right column indicates the first release that includes the
    fix for this vulnerability.
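Applying these tables by eye is error-prone, because a release such as 7.0(3)I7(3) has to be matched to its train first and then compared numerically against the first fixed release. The Python below is an added example for this bulletin, not Cisco tooling: it tokenizes NX-OS release strings, encodes the Nexus 3000 and Nexus 9000 standalone-mode table for this advisory (CSCvh75958) as constructed data, and reports whether a running release is fixed, vulnerable, not vulnerable, or outside the rows the advisory lists. The caller chooses the table for the platform in hand; the `assess` function and the (release, first fixed) data layout are this example's own assumptions.

```python
"""Compare a running NX-OS release against a 'First Fixed Release' table.

Added example, not Cisco tooling. The table below is the Nexus 3000 / Nexus
9000 standalone-mode table for CVE-2019-1770 (CSCvh75958) transcribed from
the advisory; the function names and the (release, first_fixed) layout are
this example's own.
"""
import re
from typing import List, Optional, Sequence, Tuple, Union

Token = Union[int, str]

# Each entry: (release row as printed in the advisory, first fixed release),
# with None meaning the advisory marks that row "Not vulnerable".
FIXED_RELEASES_N3K_N9K: List[Tuple[str, Optional[str]]] = [
    ("Prior to 7.0(3)I4", "7.0(3)I4(9)"),
    ("7.0(3)I4", "7.0(3)I4(9)"),
    ("7.0(3)I7", "7.0(3)I7(4)"),
    ("9.2(1)", None),
]


def tokenize(release: str) -> List[Token]:
    """Split a release string into numeric and alphabetic tokens, so that
    '7.0(3)I7(4)' becomes [7, 0, 3, 'I', 7, 4] and '4.0(2a)' becomes
    [4, 0, 2, 'a']. Dots and parentheses only separate tokens."""
    return [int(t) if t.isdigit() else t
            for t in re.findall(r"\d+|[A-Za-z]+", release)]


def _key(release: str) -> Tuple[Tuple[int, object], ...]:
    # Numbers sort before letters at the same position, so Python never has
    # to compare an int with a str; a shorter prefix sorts before its
    # extensions, which makes '7.0(3)I7' < '7.0(3)I7(4)'.
    return tuple((0, t) if isinstance(t, int) else (1, t)
                 for t in tokenize(release))


def compare(a: str, b: str) -> int:
    """-1, 0 or 1 as release a is earlier than, equal to, or later than b."""
    ka, kb = _key(a), _key(b)
    return (ka > kb) - (ka < kb)


def in_train(release: str, train: str) -> bool:
    """True if `release` belongs to `train`: 7.0(3)I7(4) is in 7.0(3)I7."""
    prefix = tokenize(train)
    return tokenize(release)[: len(prefix)] == prefix


def assess(running: str, table: Sequence[Tuple[str, Optional[str]]]) -> str:
    """Classify a running release against one platform's table.

    Returns 'fixed', 'vulnerable', 'not vulnerable', or 'unknown' when no row
    covers the release (for example a train the advisory does not list);
    'unknown' should be escalated, not assumed safe."""
    for row, first_fixed in table:
        if row.startswith("Prior to "):
            matched = compare(running, row[len("Prior to "):]) < 0
        else:
            matched = in_train(running, row)
        if not matched:
            continue
        if first_fixed is None:
            return "not vulnerable"
        return "fixed" if compare(running, first_fixed) >= 0 else "vulnerable"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample releases; these lines are not from the advisory.
    for rel in ["6.0(2)U6(10)", "7.0(3)I4(8)", "7.0(3)I4(9)",
                "7.0(3)I7(3)", "7.0(3)I7(4)", "7.0(3)I5(2)", "9.2(1)"]:
        print(f"{rel:14} {assess(rel, FIXED_RELEASES_N3K_N9K)}")
```

Two details matter when reusing this against the other tables in the bulletin. A "Prior to" row is a strict upper bound, so it is tested with the full tokenized comparison rather than a prefix match, and a release in a train the advisory never lists (7.0(3)I5 here) deliberately comes back as "unknown" rather than being folded into a neighbouring row.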
    Nexus 1000V Switch for Microsoft Hyper-V: CSCvk36294

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 5.2                   5.2(1)SM3(2.1)
      5.2                            5.2(1)SM3(2.1)

    Nexus 1000V Switch for VMware vSphere: CSCvi92240

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 5.2                   5.2(1)SV3(4.1)
      5.2                            5.2(1)SV3(4.1)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvh75958

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 7.0(3)I4              7.0(3)I4(9)
      7.0(3)I4                       7.0(3)I4(9)
      7.0(3)I7                       7.0(3)I7(4)
      9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvi92242

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 6.0(2)A8              6.0(2)A8(11)
      6.0(2)A8                       6.0(2)A8(11)
      7.0(3)I4                       7.0(3)I4(9)
      7.0(3)I7                       7.0(3)I7(4)
      9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvi92239

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      7.0(3)                         7.0(3)F3(5)
      9.2                            Not vulnerable

    Nexus 5500, 5600, and 6000 Series Switches: CSCvi92243

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 7.3                   7.3(4)N1(1)
      7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvh75867

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 6.2                   6.2(22)
      6.2                            6.2(22)
      7.2                            7.3(3)D1(1)
      7.3                            7.3(3)D1(1)
      8.0                            8.2(3)
      8.1                            8.2(3)
      8.2                            8.2(3)
      8.3                            8.3(1)

Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.
      Cisco MDS Series Switches
      Cisco Nexus 1000V for VMware Switch
      Cisco Nexus 3000 Series and 3500 Series Switches
      Cisco Nexus 5000 Series Switches
      Cisco Nexus 5500 Platform Switches
      Cisco Nexus 6000 Series Switches
      Cisco Nexus 7000 Series Switches
      Cisco Nexus 9000 Series Switches
      Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1770

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1776
First Published: 2019 May 15 16:00 GMT
Last Updated:    2019 July 18 00:00 GMT
Version 1.1:     Final
Workarounds:     No workarounds available
CVE-2019-1776
CWE-78
CVSS Score: 6.7 AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to execute arbitrary commands on the
    underlying Linux operating system with a privilege level of root.

    The vulnerability is due to insufficient validation of arguments passed
    to a specific CLI command on the affected device. An attacker could
    exploit this vulnerability by including malicious input as the argument
    of an affected command. A successful exploit could allow the attacker to
    execute arbitrary commands on the underlying Linux operating system with
    elevated privileges. An attacker would need valid administrator
    credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability.
    There are no workarounds that address this vulnerability.
    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

      MDS 9000 Series Multilayer Switches
      Nexus 3000 Series Switches
      Nexus 3500 Platform Switches
      Nexus 3600 Platform Switches
      Nexus 5500 Platform Switches
      Nexus 5600 Platform Switches
      Nexus 6000 Series Switches
      Nexus 7000 Series Switches
      Nexus 7700 Series Switches
      Nexus 9000 Series Switches in standalone NX-OS mode
      Nexus 9500 R-Series Switching Platform
      UCS 6200 Series Fabric Interconnects
      UCS 6300 Series Fabric Interconnects

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

      Firepower 2100 Series
      Firepower 4100 Series
      Firepower 9300 Security Appliances
      Nexus 1000V Switch for Microsoft Hyper-V
      Nexus 1000V Switch for VMware vSphere
      Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
      (ACI) mode
      UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Security Advisory                 | FP 4100/   | MDS 9K/    | N1000V     | N3K/N3500/ | N3600/     | N5500K/    | UCS 6200/  |
    |                                   | 9300       | N7K/       | MS/VM      | N9K-NXOS   | N9500R     | N5600/     | UCS 6300/  |
    |                                   |            | N7700 ^1   |            |            |            | N6K        | UCS 6400 ^2|
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvj63728 | CSCvk52969 | CSCvj63877 | CSCvk52988 | CSCvk52972 | CSCvk52975 |
    | Command Injection Vulnerability   |            |            | CSCvk52985 | CSCvk52971 |            |            |            |
    | (CVE-2019-1735)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software Line Card    | N/A        | N/A        | N/A        | CSCvh20032 | CSCvj00299 | N/A        | N/A        |
    | Command Injection Vulnerability   |            |            |            |            |            |            |            |
    | (CVE-2019-1769)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvh75867 | CSCvi92240 | CSCvh75958 | CSCvi92239 | CSCvi92243 | N/A        |
    | Command Injection Vulnerability   |            | ^1         | CSCvk36294 | CSCvi92242 |            |            |            |
    | (CVE-2019-1770)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvh75895 | N/A        | CSCvh75968 | CSCvi99195 | CSCvi99198 | N/A        |
    | Command Injection Vulnerabilities |            | CSCvh75909 |            | CSCvh75976 | CSCvi92256 | CSCvi92260 |            |
    | (CVE-2019-1774, CVE-2019-1775)    |            |            |            | CSCvi99197 |            |            |            |
    |                                   |            |            |            | CSCvi92258 |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvh20081 | N/A        | CSCvh20076 | CSCvi96429 | CSCvi96432 | CSCvi96433 |
    | Command Injection Vulnerability   |            |            |            | CSCvi96431 |            |            | ^2         |
    | (CVE-2019-1776)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | N/A        | N/A        | CSCvh75996 | CSCvj03877 | N/A        | N/A        |
    | Command Injection Vulnerability   |            |            |            |            |            |            |            |
    | (CVE-2019-1778)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco FXOS and NX-OS Software     | CSCvj00418 | CSCve51688 | N/A        | CSCvh76126 | CSCvj00412 | CSCvj00416 | N/A        |
    | Command Injection Vulnerability   |            |            |            |            |            |            |            |
    | (CVE-2019-1779)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco FXOS and NX-OS Software     | CSCvi92332 | CSCvi01440 | N/A        | CSCvi01431 | CSCvi92326 | CSCvi92329 | N/A        |
    | Command Injection Vulnerability   |            |            |            | CSCvi92328 |            |            |            |
    | (CVE-2019-1780)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco FXOS and NX-OS Software     | CSCvi96527 | CSCvi01448 | N/A        | CSCvi01445 | CSCvi96522 | CSCvi96525 | CSCvi96526 |
    | Command Injection Vulnerabilities | CSCvi92130 | CSCvh20389 |            | CSCvh20027 | CSCvi91985 | CSCvi92128 | ^2         |
    | (CVE-2019-1781, CVE-2019-1782)    |            |            |            | CSCvi96524 |            |            | CSCvi92129 |
    |                                   |            |            |            | CSCvi92126 |            |            | ^2         |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvi42281 | N/A        | N/A        | N/A        | CSCvj03966 | N/A        |
    | Command Injection Vulnerability   |            | ^1         |            |            |            |            |            |
    | (CVE-2019-1783)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvi42292 | N/A        | N/A        | N/A        | CSCvj12273 | CSCvj12274 |
    | Command Injection Vulnerability   |            | ^1         |            |            |            |            | ^2         |
    | (CVE-2019-1784)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvh20112 | N/A        | CSCvh20096 | CSCvi96504 | CSCvi96509 | CSCvi96510 |
    | Command Injection Vulnerability   |            |            |            |            |            |            | ^2         |
    | (CVE-2019-1790)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvj63667 | N/A        | CSCvj63270 | CSCvk50889 | CSCvk50876 | N/A        |
    | Command Injection Vulnerability   |            |            |            | CSCvk50873 |            |            |            |
    | (CVE-2019-1791)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco FXOS and NX-OS Software     | CSCvh66259 | CSCvh20359 | CSCvh66257 | CSCvh20029 | CSCvh66202 | CSCvh66214 | CSCvh66243 |
    | Command Injection Vulnerability   |            |            | CSCvk30761 | CSCvh66219 |            |            | ^2         |
    | (CVE-2019-1795)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
       and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches
       are not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
       defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
       affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.
    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS
    Software bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS
    Software Security Advisory Bundled Publication for a list of advisories in
    the bundle. Customers who have not applied a recommended release to address
    the March 2019 bundle are advised to upgrade to an appropriate release as
    indicated in the applicable table in this section.

    In the following tables, the left column lists Cisco NX-OS Software
    releases. The right column indicates the first release that includes the
    fix for this vulnerability.
    MDS 9000 Series Multilayer Switches: CSCvh20081

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      6.2                            Not vulnerable
      8.1                            8.2(2)
      8.2                            8.2(2)
      8.3                            8.3(1)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvh20076

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 7.0(3)I4              7.0(3)I4(9)
      7.0(3)I4                       7.0(3)I4(9)
      7.0(3)I7                       7.0(3)I7(4)
      9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvi96431

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 6.0(2)A8              6.0(2)A8(11)
      6.0(2)A8                       6.0(2)A8(11)
      7.0(3)I4                       7.0(3)I4(9)
      7.0(3)I7                       7.0(3)I7(4)
      9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvi96429

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      7.0(3)                         7.0(3)F3(5)
      9.2                            Not vulnerable

    Nexus 5500, 5600, and 6000 Series Switches: CSCvi96432

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 7.3                   7.3(5)N1(1)
      7.3                            7.3(5)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvh20081

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      6.2                            Not vulnerable
      7.2                            7.3(3)D1(1)
      7.3                            7.3(3)D1(1)
      8.0                            8.2(2)
      8.1                            8.2(2)
      8.2                            8.2(2)
      8.3                            8.3(1)

    UCS 6200 and 6300 Series Fabric Interconnects: CSCvi96433

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 4.0                   4.0(1a)
      4.0                            4.0(1a)

Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.
      Cisco MDS Series Switches
      Cisco Nexus 1000V for VMware Switch
      Cisco Nexus 3000 Series and 3500 Series Switches
      Cisco Nexus 5000 Series Switches
      Cisco Nexus 5500 Platform Switches
      Cisco Nexus 6000 Series Switches
      Cisco Nexus 7000 Series Switches
      Cisco Nexus 9000 Series Switches
      Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776

Revision History

  o +---------+----------------------------+----------+--------+--------------+
    | Version | Description                | Section  | Status | Date         |
    +---------+----------------------------+----------+--------+--------------+
    |         | Updated the Fixed Release  | Fixed    |        |              |
    | 1.1     | section for the MDS and    | Software | Final  | 2019-July-18 |
    |         | Nexus 7000 and 7700.       |          |        |              |
    +---------+----------------------------+----------+--------+--------------+
    | 1.0     | Initial public release.    | -        | Final  | 2019-May-15  |
    +---------+----------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778)

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1778
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvh75996, CSCvj03877
CVE-2019-1778
CWE-78
CVSS Score: 6.7 AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to execute arbitrary commands on the
    underlying Linux operating system with the privilege level of root.

    The vulnerability is due to insufficient validation of arguments passed
    to a specific CLI command on the affected device. An attacker could
    exploit this vulnerability by including malicious input as the argument
    of an affected command. A successful exploit could allow the attacker to
    execute arbitrary commands on the underlying Linux operating system with
    elevated privileges. An attacker would need valid administrator
    credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability.
    There are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1778

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

      Nexus 3000 Series Switches
      Nexus 3500 Platform Switches
      Nexus 3600 Platform Switches
      Nexus 9000 Series Switches in standalone NX-OS mode
      Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.
    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

      Firepower 2100 Series
      Firepower 4100 Series
      Firepower 9300 Security Appliances
      MDS 9000 Series Multilayer Switches
      Nexus 1000V Switch for Microsoft Hyper-V
      Nexus 1000V Switch for VMware vSphere
      Nexus 5500 Platform Switches
      Nexus 5600 Platform Switches
      Nexus 6000 Series Switches
      Nexus 7000 Series Switches
      Nexus 7700 Series Switches
      Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
      (ACI) mode
      UCS 6200 Series Fabric Interconnects
      UCS 6300 Series Fabric Interconnects
      UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Security Advisory                 | FP 4100/   | MDS 9K/    | N1000V     | N3K/N3500/ | N3600/     | N5500K/    | UCS 6200/  |
    |                                   | 9300       | N7K/       | MS/VM      | N9K-NXOS   | N9500R     | N5600/     | UCS 6300/  |
    |                                   |            | N7700 ^1   |            |            |            | N6K        | UCS 6400 ^2|
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvj63728 | CSCvk52969 | CSCvj63877 | CSCvk52988 | CSCvk52972 | CSCvk52975 |
    | Command Injection Vulnerability   |            |            | CSCvk52985 | CSCvk52971 |            |            |            |
    | (CVE-2019-1735)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software Line Card    | N/A        | N/A        | N/A        | CSCvh20032 | CSCvj00299 | N/A        | N/A        |
    | Command Injection Vulnerability   |            |            |            |            |            |            |            |
    | (CVE-2019-1769)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvh75867 | CSCvi92240 | CSCvh75958 | CSCvi92239 | CSCvi92243 | N/A        |
    | Command Injection Vulnerability   |            | ^1         | CSCvk36294 | CSCvi92242 |            |            |            |
    | (CVE-2019-1770)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvh75895 | N/A        | CSCvh75968 | CSCvi99195 | CSCvi99198 | N/A        |
    | Command Injection Vulnerabilities |            | CSCvh75909 |            | CSCvh75976 | CSCvi92256 | CSCvi92260 |            |
    | (CVE-2019-1774, CVE-2019-1775)    |            |            |            | CSCvi99197 |            |            |            |
    |                                   |            |            |            | CSCvi92258 |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvh20081 | N/A        | CSCvh20076 | CSCvi96429 | CSCvi96432 | CSCvi96433 |
    | Command Injection Vulnerability   |            |            |            | CSCvi96431 |            |            | ^2         |
    | (CVE-2019-1776)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | N/A        | N/A        | CSCvh75996 | CSCvj03877 | N/A        | N/A        |
    | Command Injection Vulnerability   |            |            |            |            |            |            |            |
    | (CVE-2019-1778)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco FXOS and NX-OS Software     | CSCvj00418 | CSCve51688 | N/A        | CSCvh76126 | CSCvj00412 | CSCvj00416 | N/A        |
    | Command Injection Vulnerability   |            |            |            |            |            |            |            |
    | (CVE-2019-1779)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco FXOS and NX-OS Software     | CSCvi92332 | CSCvi01440 | N/A        | CSCvi01431 | CSCvi92326 | CSCvi92329 | N/A        |
    | Command Injection Vulnerability   |            |            |            | CSCvi92328 |            |            |            |
    | (CVE-2019-1780)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco FXOS and NX-OS Software     | CSCvi96527 | CSCvi01448 | N/A        | CSCvi01445 | CSCvi96522 | CSCvi96525 | CSCvi96526 |
    | Command Injection Vulnerabilities | CSCvi92130 | CSCvh20389 |            | CSCvh20027 | CSCvi91985 | CSCvi92128 | ^2         |
    | (CVE-2019-1781, CVE-2019-1782)    |            |            |            | CSCvi96524 |            |            | CSCvi92129 |
    |                                   |            |            |            | CSCvi92126 |            |            | ^2         |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvi42281 | N/A        | N/A        | N/A        | CSCvj03966 | N/A        |
    | Command Injection Vulnerability   |            | ^1         |            |            |            |            |            |
    | (CVE-2019-1783)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvi42292 | N/A        | N/A        | N/A        | CSCvj12273 | CSCvj12274 |
    | Command Injection Vulnerability   |            | ^1         |            |            |            |            | ^2         |
    | (CVE-2019-1784)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvh20112 | N/A        | CSCvh20096 | CSCvi96504 | CSCvi96509 | CSCvi96510 |
    | Command Injection Vulnerability   |            |            |            |            |            |            | ^2         |
    | (CVE-2019-1790)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco NX-OS Software              | N/A        | CSCvj63667 | N/A        | CSCvj63270 | CSCvk50889 | CSCvk50876 | N/A        |
    | Command Injection Vulnerability   |            |            |            | CSCvk50873 |            |            |            |
    | (CVE-2019-1791)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+
    | Cisco FXOS and NX-OS Software     | CSCvh66259 | CSCvh20359 | CSCvh66257 | CSCvh20029 | CSCvh66202 | CSCvh66214 | CSCvh66243 |
    | Command Injection Vulnerability   |            |            | CSCvk30761 | CSCvh66219 |            |            | ^2         |
    | (CVE-2019-1795)                   |            |            |            |            |            |            |            |
    +-----------------------------------+------------+------------+------------+------------+------------+------------+------------+

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
       and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches
       are not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
       defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
       affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.
    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS
    Software bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS
    Software Security Advisory Bundled Publication for a list of advisories in
    the bundle. Customers who have not applied a recommended release to address
    the March 2019 bundle are advised to upgrade to an appropriate release as
    indicated in the applicable table in this section.

    In the following tables, the left column lists Cisco NX-OS Software
    releases. The right column indicates the first release that includes the
    fix for this vulnerability.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh75996

    +------------------------------+--------------------------------------------+
    | Cisco NX-OS Software Release | First Fixed Release for This Vulnerability |
    +------------------------------+--------------------------------------------+
    | Prior to 7.0(3)I4            | 7.0(3)I4(9)                                |
    | 7.0(3)I4                     | 7.0(3)I4(9)                                |
    | 7.0(3)I7                     | 7.0(3)I7(4)                                |
    | 9.2(1)                       | Not vulnerable                             |
    +------------------------------+--------------------------------------------+

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvj03877

    +------------------------------+--------------------------------------------+
    | Cisco NX-OS Software Release | First Fixed Release for This Vulnerability |
    +------------------------------+--------------------------------------------+
    | 7.0(3)                       | 7.0(3)F3(5)                                |
    | 9.2                          | Not vulnerable                             |
    +------------------------------+--------------------------------------------+

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents.
    If a security advisory recommends a later release, Cisco recommends
    following the advisory guidance.

      Cisco MDS Series Switches
      Cisco Nexus 1000V for VMware Switch
      Cisco Nexus 3000 Series and 3500 Series Switches
      Cisco Nexus 5000 Series Switches
      Cisco Nexus 5500 Platform Switches
      Cisco Nexus 6000 Series Switches
      Cisco Nexus 7000 Series Switches
      Cisco Nexus 9000 Series Switches
      Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1778

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1783)

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1783
First Published: 2019 May 15 16:00 GMT
Last Updated:    2019 July 18 00:00 GMT
Version 1.1:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvi42281, CSCvj03966
CVE-2019-1783
CWE-77
CVSS Score: 6.7 AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker with administrator credentials to execute
    arbitrary commands on the underlying Linux operating system with the
    privilege level of root.

    The vulnerability is due to insufficient validation of arguments passed to
    a specific CLI command on the affected device. An attacker could exploit
    this vulnerability by including malicious input as the argument of an
    affected command. A successful exploit could allow the attacker to execute
    arbitrary commands on the underlying Linux operating system with elevated
    privileges. An attacker would need valid administrator credentials to
    exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1783

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

      Nexus 5500 Platform Switches
      Nexus 5600 Platform Switches
      Nexus 6000 Series Switches
      Nexus 7000 Series Switches
      Nexus 7700 Series Switches

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.
    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

      Firepower 2100 Series
      Firepower 4100 Series
      Firepower 9300 Security Appliances
      MDS 9000 Series Multilayer Switches
      Nexus 1000V Switch for Microsoft Hyper-V
      Nexus 1000V Switch for VMware vSphere
      Nexus 3000 Series Switches
      Nexus 3500 Platform Switches
      Nexus 3600 Platform Switches
      Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
      Nexus 9000 Series Switches in standalone NX-OS mode
      Nexus 9500 R-Series Switching Platform
      UCS 6200 Series Fabric Interconnects
      UCS 6300 Series Fabric Interconnects
      UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.
  Columns: FP 4100/9300 | MDS 9K/N7K/N7700 ^1 | N1000V MS/VM | N3K/N3500/N9K-NXOS |
           N3600/N9500R | N5500/N5600/N6K | UCS 6200/6300/6400 ^2
  (N/A marks a platform the advisory does not affect; where a row of the
  original table wrapped, its further bug IDs are listed on a second line.)

  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)
    N/A | CSCvj63728 | CSCvk52969 | CSCvj63877 | CSCvk52988 | CSCvk52972 | CSCvk52975
    also: CSCvk52985, CSCvk52971
  Cisco NX-OS Software Line Card Command Injection Vulnerability (CVE-2019-1769)
    N/A | N/A | N/A | CSCvh20032 | CSCvj00299 | N/A | N/A
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1770)
    N/A | CSCvh75867 ^1 | CSCvi92240 | CSCvh75958 | CSCvi92239 | CSCvi92243 | N/A
    also: CSCvk36294, CSCvi92242
  Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774, CVE-2019-1775)
    N/A | CSCvh75895 | N/A | CSCvh75968 | CSCvi99195 | CSCvi99198 | N/A
    also: CSCvh75909, CSCvh75976, CSCvi92256, CSCvi92260, CSCvi99197, CSCvi92258
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)
    N/A | CSCvh20081 | N/A | CSCvh20076 | CSCvi96429 | CSCvi96432 | CSCvi96433
    also: CSCvi96431 ^2
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778)
    N/A | N/A | N/A | CSCvh75996 | CSCvj03877 | N/A | N/A
  Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1779)
    CSCvj00418 | CSCve51688 | N/A | CSCvh76126 | CSCvj00412 | CSCvj00416 | N/A
  Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)
    CSCvi92332 | CSCvi01440 | N/A | CSCvi01431 | CSCvi92326 | CSCvi92329 | N/A
    also: CSCvi92328
  Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)
    CSCvi96527 | CSCvi01448 | N/A | CSCvi01445 | CSCvi96522 | CSCvi96525 | CSCvi96526
    also: CSCvi92130, CSCvh20389, CSCvh20027, CSCvi91985, CSCvi92128 ^2, CSCvi96524,
          CSCvi92129, CSCvi92126 ^2
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1783)
    N/A | CSCvi42281 ^1 | N/A | N/A | N/A | CSCvj03966 | N/A
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784)
    N/A | CSCvi42292 ^1 | N/A | N/A | N/A | CSCvj12273 | CSCvj12274 ^2
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)
    N/A | CSCvh20112 | N/A | CSCvh20096 | CSCvi96504 | CSCvi96509 | CSCvi96510 ^2
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)
    N/A | CSCvj63667 | N/A | CSCvj63270 | CSCvk50889 | CSCvk50876 | N/A
    also: CSCvk50873
  Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)
    CSCvh66259 | CSCvh20359 | CSCvh66257 | CSCvh20029 | CSCvh66202 | CSCvh66214 | CSCvh66243
    also: CSCvk30761, CSCvh66219 ^2

  1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series and
     Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are not
     affected by these vulnerabilities.
  2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS defects,
     only UCS 6200 and 6300 are affected (and UCS 6400 is not affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.
    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS
    Software bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS
    Software Security Advisory Bundled Publication for a list of advisories in
    the bundle. Customers who have not applied a recommended release to address
    the March 2019 bundle are advised to upgrade to an appropriate release as
    indicated in the applicable table in this section.

    In the following tables, the left column lists Cisco NX-OS Software
    releases. The right column indicates the first release that includes the
    fix for this vulnerability.
    Nexus 5500, 5600, and 6000 Series Switches: CSCvj03966

    +------------------------------+--------------------------------------------+
    | Cisco NX-OS Software Release | First Fixed Release for This Vulnerability |
    +------------------------------+--------------------------------------------+
    | Prior to 7.3                 | 7.3(4)N1(1)                                |
    | 7.3                          | 7.3(4)N1(1)                                |
    +------------------------------+--------------------------------------------+

    Nexus 7000 and 7700 Series Switches: CSCvi42281

    +------------------------------+--------------------------------------------+
    | Cisco NX-OS Software Release | First Fixed Release for This Vulnerability |
    +------------------------------+--------------------------------------------+
    | 6.2                          | Not vulnerable                             |
    | 7.2                          | 7.3(3)D1(1)                                |
    | 7.3                          | 7.3(3)D1(1)                                |
    | 8.0                          | 8.3(1)                                     |
    | 8.1                          | 8.3(1)                                     |
    | 8.2                          | 8.3(1)                                     |
    | 8.3                          | 8.3(1)                                     |
    +------------------------------+--------------------------------------------+

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

      Cisco MDS Series Switches
      Cisco Nexus 1000V for VMware Switch
      Cisco Nexus 3000 Series and 3500 Series Switches
      Cisco Nexus 5000 Series Switches
      Cisco Nexus 5500 Platform Switches
      Cisco Nexus 6000 Series Switches
      Cisco Nexus 7000 Series Switches
      Cisco Nexus 9000 Series Switches
      Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.
URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1783

Revision History

  o +---------+----------------------------+----------+--------+--------------+
    | Version | Description                | Section  | Status | Date         |
    +---------+----------------------------+----------+--------+--------------+
    | 1.1     | Updated the Fixed Releases | Fixed    | Final  | 2019-July-18 |
    |         | for the Nexus 7000/7700.   | Software |        |              |
    +---------+----------------------------+----------+--------+--------------+
    | 1.0     | Initial public release.    | -        | Final  | 2019-May-15  |
    +---------+----------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784)

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-cmd-inject-1784
First Published: 2019 May 15 16:00 GMT
Last Updated:    2019 July 18 00:00 GMT
Version 1.1:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvi42292, CSCvj12273, CSCvj12274
CVE-2019-1784
CWE-77
CVSS Score: 6.7 AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to execute arbitrary commands on the
    underlying Linux operating system with the privilege level of root.

    The vulnerability is due to insufficient validation of arguments passed to
    a specific CLI command on the affected device. An attacker could exploit
    this vulnerability by including malicious input as the argument of an
    affected command. A successful exploit could allow the attacker to execute
    arbitrary commands on the underlying Linux operating system with elevated
    privileges. An attacker would need valid administrator credentials to
    exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmd-inject-1784

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

      Nexus 5500 Platform Switches
      Nexus 5600 Platform Switches
      Nexus 6000 Series Switches
      Nexus 7000 Series Switches
      Nexus 7700 Series Switches
      UCS 6200 Series Fabric Interconnects
      UCS 6300 Series Fabric Interconnects

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

      Firepower 2100 Series
      Firepower 4100 Series
      Firepower 9300 Security Appliances
      MDS 9000 Series Multilayer Switches
      Nexus 1000V Switch for Microsoft Hyper-V
      Nexus 1000V Switch for VMware vSphere
      Nexus 3000 Series Switches
      Nexus 3500 Platform Switches
      Nexus 3600 Platform Switches
      Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
      Nexus 9000 Series Switches in standalone NX-OS mode
      Nexus 9500 R-Series Switching Platform
      UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.
  Columns: FP 4100/9300 | MDS 9K/N7K/N7700 ^1 | N1000V MS/VM | N3K/N3500/N9K-NXOS |
           N3600/N9500R | N5500/N5600/N6K | UCS 6200/6300/6400 ^2
  (N/A marks a platform the advisory does not affect; where a row of the
  original table wrapped, its further bug IDs are listed on a second line.)

  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)
    N/A | CSCvj63728 | CSCvk52969 | CSCvj63877 | CSCvk52988 | CSCvk52972 | CSCvk52975
    also: CSCvk52985, CSCvk52971
  Cisco NX-OS Software Line Card Command Injection Vulnerability (CVE-2019-1769)
    N/A | N/A | N/A | CSCvh20032 | CSCvj00299 | N/A | N/A
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1770)
    N/A | CSCvh75867 ^1 | CSCvi92240 | CSCvh75958 | CSCvi92239 | CSCvi92243 | N/A
    also: CSCvk36294, CSCvi92242
  Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774, CVE-2019-1775)
    N/A | CSCvh75895 | N/A | CSCvh75968 | CSCvi99195 | CSCvi99198 | N/A
    also: CSCvh75909, CSCvh75976, CSCvi92256, CSCvi92260, CSCvi99197, CSCvi92258
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)
    N/A | CSCvh20081 | N/A | CSCvh20076 | CSCvi96429 | CSCvi96432 | CSCvi96433
    also: CSCvi96431 ^2
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778)
    N/A | N/A | N/A | CSCvh75996 | CSCvj03877 | N/A | N/A
  Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1779)
    CSCvj00418 | CSCve51688 | N/A | CSCvh76126 | CSCvj00412 | CSCvj00416 | N/A
  Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)
    CSCvi92332 | CSCvi01440 | N/A | CSCvi01431 | CSCvi92326 | CSCvi92329 | N/A
    also: CSCvi92328
  Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)
    CSCvi96527 | CSCvi01448 | N/A | CSCvi01445 | CSCvi96522 | CSCvi96525 | CSCvi96526
    also: CSCvi92130, CSCvh20389, CSCvh20027, CSCvi91985, CSCvi92128 ^2, CSCvi96524,
          CSCvi92129, CSCvi92126 ^2
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1783)
    N/A | CSCvi42281 ^1 | N/A | N/A | N/A | CSCvj03966 | N/A
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784)
    N/A | CSCvi42292 ^1 | N/A | N/A | N/A | CSCvj12273 | CSCvj12274 ^2
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)
    N/A | CSCvh20112 | N/A | CSCvh20096 | CSCvi96504 | CSCvi96509 | CSCvi96510 ^2
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)
    N/A | CSCvj63667 | N/A | CSCvj63270 | CSCvk50889 | CSCvk50876 | N/A
    also: CSCvk50873
  Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)
    CSCvh66259 | CSCvh20359 | CSCvh66257 | CSCvh20029 | CSCvh66202 | CSCvh66214 | CSCvh66243
    also: CSCvk30761, CSCvh66219 ^2

  1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series and
     Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are not
     affected by these vulnerabilities.
  2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS defects,
     only UCS 6200 and 6300 are affected (and UCS 6400 is not affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.
    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS
    Software bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS
    Software Security Advisory Bundled Publication for a list of advisories in
    the bundle. Customers who have not applied a recommended release to address
    the March 2019 bundle are advised to upgrade to an appropriate release as
    indicated in the applicable table in this section.

    In the following tables, the left column lists Cisco NX-OS Software
    releases. The right column indicates the first release that includes the
    fix for this vulnerability.
    Nexus 5500, 5600, and 6000 Series Switches: CSCvj12273

    +------------------------------+--------------------------------------------+
    | Cisco NX-OS Software Release | First Fixed Release for This Vulnerability |
    +------------------------------+--------------------------------------------+
    | Prior to 7.3                 | 7.3(5)N1(1)                                |
    | 7.3                          | 7.3(5)N1(1)                                |
    +------------------------------+--------------------------------------------+

    Nexus 7000 and 7700 Series Switches: CSCvi42292

    +------------------------------+--------------------------------------------+
    | Cisco NX-OS Software Release | First Fixed Release for This Vulnerability |
    +------------------------------+--------------------------------------------+
    | Prior to 6.2                 | Not vulnerable                             |
    | 6.2                          | Not vulnerable                             |
    | 7.2                          | 7.3(3)D1(1)                                |
    | 7.3                          | 7.3(3)D1(1)                                |
    | 8.0                          | 8.2(3)                                     |
    | 8.1                          | 8.2(3)                                     |
    | 8.2                          | 8.2(3)                                     |
    | 8.3                          | 8.3(1)                                     |
    +------------------------------+--------------------------------------------+

    UCS 6200 and 6300 Series Fabric Interconnects: CSCvj12274

    +------------------------------+--------------------------------------------+
    | Cisco NX-OS Software Release | First Fixed Release for This Vulnerability |
    +------------------------------+--------------------------------------------+
    | Prior to 4.0                 | 4.0(1a)                                    |
    | 4.0                          | 4.0(1a)                                    |
    +------------------------------+--------------------------------------------+

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

      Cisco MDS Series Switches
      Cisco Nexus 1000V for VMware Switch
      Cisco Nexus 3000 Series and 3500 Series Switches
      Cisco Nexus 5000 Series Switches
      Cisco Nexus 5500 Platform Switches
      Cisco Nexus 6000 Series Switches
      Cisco Nexus 7000 Series Switches
      Cisco Nexus 9000 Series Switches
      Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.
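As an added example (not Cisco's or AusCERT's code), the following Python encodes the three CVE-2019-1784 Fixed Releases tables above and classifies a device's running release against them. The release-string tokenizer, the reading of the "Prior to" rows as "any earlier train", and the platform labels are my own assumptions; the running releases it is exercised on are constructed, not taken from the advisory.

```python
import re
from typing import Dict, List, Optional, Tuple

# Constructed lookup of the CVE-2019-1784 Fixed Releases tables. A train of
# "<X.Y" stands for the advisory's "Prior to X.Y" row; a first-fixed value of
# None stands for "Not vulnerable". Platform labels are assumed, bug IDs are
# the advisory's own.
FixRow = Tuple[str, Optional[str]]

N5K = "Nexus 5500, 5600, and 6000 Series Switches (CSCvj12273)"
N7K = "Nexus 7000 and 7700 Series Switches (CSCvi42292)"
UCS = "UCS 6200 and 6300 Series Fabric Interconnects (CSCvj12274)"

FIXED_RELEASES_CVE_2019_1784: Dict[str, List[FixRow]] = {
    N5K: [("<7.3", "7.3(5)N1(1)"), ("7.3", "7.3(5)N1(1)")],
    N7K: [("<6.2", None), ("6.2", None),
          ("7.2", "7.3(3)D1(1)"), ("7.3", "7.3(3)D1(1)"),
          ("8.0", "8.2(3)"), ("8.1", "8.2(3)"), ("8.2", "8.2(3)"),
          ("8.3", "8.3(1)")],
    UCS: [("<4.0", "4.0(1a)"), ("4.0", "4.0(1a)")],
}

_TOKEN = re.compile(r"\d+|[A-Za-z]+")


def release_key(release: str) -> Tuple[Tuple[int, object], ...]:
    """Turn an NX-OS release string into a tuple that sorts in release order.

    "7.3(3)D1(1)" -> ((0,7),(0,3),(0,3),(1,'D'),(0,1),(0,1)). Digit runs
    compare numerically and letter runs as strings (the tag keeps the two
    kinds from being compared with each other); a release that is a prefix
    of another, such as 4.0(1) against 4.0(1a), sorts first.
    """
    return tuple((0, int(t)) if t.isdigit() else (1, t)
                 for t in _TOKEN.findall(release))


def train_of(release: str) -> str:
    """Major.minor train the tables are keyed on: "7.3(3)D1(1)" -> "7.3"."""
    major, minor = re.findall(r"\d+", release)[:2]
    return f"{major}.{minor}"


_NOT_LISTED = object()


def first_fixed_release(rows: List[FixRow], running: str):
    """Return the table's first-fixed entry for the running release's train:
    an exact train row wins, then a "Prior to" row that covers the train,
    else the _NOT_LISTED sentinel (the advisory says nothing about it)."""
    train = train_of(running)
    for row_train, fixed in rows:
        if row_train == train:
            return fixed
    for row_train, fixed in rows:
        if row_train.startswith("<") and release_key(train) < release_key(row_train[1:]):
            return fixed
    return _NOT_LISTED


def assess(platform: str, running: str) -> str:
    """Classify a running release as 'fixed', 'vulnerable', 'not vulnerable'
    or 'not listed' for CVE-2019-1784 on the given platform."""
    fixed = first_fixed_release(FIXED_RELEASES_CVE_2019_1784[platform], running)
    if fixed is _NOT_LISTED:
        return "not listed"
    if fixed is None:
        return "not vulnerable"
    return "fixed" if release_key(running) >= release_key(fixed) else "vulnerable"


if __name__ == "__main__":
    # Constructed sample releases, one per interesting row of the tables.
    for platform, running in [(N7K, "7.3(2)D1(1)"), (N7K, "8.2(3)"),
                              (N7K, "6.2(20)"), (N5K, "7.1(5)N1(1)"),
                              (UCS, "4.0(1a)")]:
        print(f"{platform}: {running} -> {assess(platform, running)}")
```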
URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmd-inject-1784

Revision History

  o +---------+----------------------------+----------+--------+--------------+
    | Version | Description                | Section  | Status | Date         |
    +---------+----------------------------+----------+--------+--------------+
    | 1.1     | Updated the release        | Fixed    | Final  | 2019-July-18 |
    |         | information for the Nexus  | Software |        |              |
    |         | 7000 and 7700.             |          |        |              |
    +---------+----------------------------+----------+--------+--------------+
    | 1.0     | Initial public release.    | -        | Final  | 2019-May-15  |
    +---------+----------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1790
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvh20096, CSCvh20112, CSCvi96504, CSCvi96509, CSCvi96510
CVE-2019-1790
CWE-77
CVSS Score: 6.7 AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker with valid administrator credentials to
    execute arbitrary commands on the underlying operating system of an
    affected device.

    The vulnerability is due to insufficient validation of arguments passed to
    certain CLI commands. An attacker could exploit this vulnerability by
    including malicious input as the argument of an affected command. A
    successful exploit could allow the attacker to execute arbitrary commands
    on the underlying operating system with elevated privileges. An attacker
    would need valid administrator credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

      MDS 9000 Series Multilayer Switches
      Nexus 3000 Series Switches
      Nexus 3500 Platform Switches
      Nexus 3600 Platform Switches
      Nexus 5500 Platform Switches
      Nexus 5600 Platform Switches
      Nexus 6000 Series Switches
      Nexus 7000 Series Switches
      Nexus 7700 Series Switches
      Nexus 9000 Series Switches in standalone NX-OS mode
      Nexus 9500 R-Series Switching Platform
      UCS 6200 Series Fabric Interconnects
      UCS 6300 Series Fabric Interconnects

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

      Firepower 2100 Series
      Firepower 4100 Series
      Firepower 9300 Security Appliances
      Nexus 1000V Switch for Microsoft Hyper-V
      Nexus 1000V Switch for VMware vSphere
      Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
      UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.
  Columns: FP 4100/9300 | MDS 9K/N7K/N7700 ^1 | N1000V MS/VM | N3K/N3500/N9K-NXOS |
           N3600/N9500R | N5500/N5600/N6K | UCS 6200/6300/6400 ^2
  (N/A marks a platform the advisory does not affect; where a row of the
  original table wrapped, its further bug IDs are listed on a second line.)

  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)
    N/A | CSCvj63728 | CSCvk52969 | CSCvj63877 | CSCvk52988 | CSCvk52972 | CSCvk52975
    also: CSCvk52985, CSCvk52971
  Cisco NX-OS Software Line Card Command Injection Vulnerability (CVE-2019-1769)
    N/A | N/A | N/A | CSCvh20032 | CSCvj00299 | N/A | N/A
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1770)
    N/A | CSCvh75867 ^1 | CSCvi92240 | CSCvh75958 | CSCvi92239 | CSCvi92243 | N/A
    also: CSCvk36294, CSCvi92242
  Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774, CVE-2019-1775)
    N/A | CSCvh75895 | N/A | CSCvh75968 | CSCvi99195 | CSCvi99198 | N/A
    also: CSCvh75909, CSCvh75976, CSCvi92256, CSCvi92260, CSCvi99197, CSCvi92258
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)
    N/A | CSCvh20081 | N/A | CSCvh20076 | CSCvi96429 | CSCvi96432 | CSCvi96433
    also: CSCvi96431 ^2
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778)
    N/A | N/A | N/A | CSCvh75996 | CSCvj03877 | N/A | N/A
  Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1779)
    CSCvj00418 | CSCve51688 | N/A | CSCvh76126 | CSCvj00412 | CSCvj00416 | N/A
  Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)
    CSCvi92332 | CSCvi01440 | N/A | CSCvi01431 | CSCvi92326 | CSCvi92329 | N/A
    also: CSCvi92328
  Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)
    CSCvi96527 | CSCvi01448 | N/A | CSCvi01445 | CSCvi96522 | CSCvi96525 | CSCvi96526
    also: CSCvi92130, CSCvh20389, CSCvh20027, CSCvi91985, CSCvi92128 ^2, CSCvi96524,
          CSCvi92129, CSCvi92126 ^2
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1783)
    N/A | CSCvi42281 ^1 | N/A | N/A | N/A | CSCvj03966 | N/A
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784)
    N/A | CSCvi42292 ^1 | N/A | N/A | N/A | CSCvj12273 | CSCvj12274 ^2
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)
    N/A | CSCvh20112 | N/A | CSCvh20096 | CSCvi96504 | CSCvi96509 | CSCvi96510 ^2
  Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)
    N/A | CSCvj63667 | N/A | CSCvj63270 | CSCvk50889 | CSCvk50876 | N/A
    also: CSCvk50873
  Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)
    CSCvh66259 | CSCvh20359 | CSCvh66257 | CSCvh20029 | CSCvh66202 | CSCvh66214 | CSCvh66243
    also: CSCvk30761, CSCvh66219 ^2

  1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series and
     Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are not
     affected by these vulnerabilities.
  2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS defects,
     only UCS 6200 and 6300 are affected (and UCS 6400 is not affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.
    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS
    Software bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS
    Software Security Advisory Bundled Publication for a list of advisories in
    the bundle. Customers who have not applied a recommended release to address
    the March 2019 bundle are advised to upgrade to an appropriate release as
    indicated in the applicable table in this section.

    In the following tables, the left column lists Cisco NX-OS Software
    releases. The right column indicates the first release that includes the
    fix for this vulnerability.
    MDS 9000 Series Multilayer Switches: CSCvh20112

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      5.2                            6.2(25)
      6.2                            6.2(25)
      7.3                            8.1(1b)
      8.1                            8.1(1b)
      8.2                            8.2(3)
      8.3                            8.3(1)

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh20096

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 7.0(3)I4              7.0(3)I4(8)
      7.0(3)I4                       7.0(3)I4(8)
      7.0(3)I7                       7.0(3)I7(3)
      9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvi96504

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      7.0(3)                         7.0(3)F3(5)
      9.2                            Not vulnerable

    Nexus 5500 and 5600 Platform Switches and 6000 Series Switches: CSCvi96509

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 7.3                   7.3(4)N1(1)
      7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvh20112

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 6.2                   6.2(22)
      6.2                            6.2(22)
      7.2                            7.3(3)D1(1)
      7.3                            7.3(3)D1(1)
      8.0                            8.2(3)
      8.1                            8.2(3)
      8.2                            8.2(3)
      8.3                            8.3(1)

    UCS 6200 and 6300 Series Fabric Interconnects: CSCvi96510

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 4.0                   4.0(1a)
      4.0                            4.0(1a)

  Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.
      Cisco MDS Series Switches
      Cisco Nexus 1000V for VMware Switch
      Cisco Nexus 3000 Series and 3500 Series Switches
      Cisco Nexus 5000 Series Switches
      Cisco Nexus 5500 Platform Switches
      Cisco Nexus 6000 Series Switches
      Cisco Nexus 7000 Series Switches
      Cisco Nexus 9000 Series Switches
      Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.
                                           | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1791
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvj63270 CSCvj63667 CSCvk50873 CSCvk50876 CSCvk50889
CVE-2019-1791    CWE-77
CVSS Score:      6.7 AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker with administrator credentials to execute
    arbitrary commands with elevated privileges on the underlying operating
    system of an affected device.

    The vulnerability is due to insufficient validation of arguments passed
    to certain CLI commands. An attacker could exploit this vulnerability by
    including malicious input as the argument of an affected command. A
    successful exploit could allow the attacker to execute arbitrary commands
    on the underlying operating system with elevated privileges. An attacker
    would need valid administrator credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability.
    There are no workarounds that address this vulnerability.
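The bug class the summary describes, "insufficient validation of arguments passed to CLI commands" that reach the underlying operating system, reduced to a self-contained Python example. This is added illustration, not Cisco code and not how any NX-OS command is implemented: one handler concatenates its argument into a shell command line, the other allowlists the argument and passes it as a single argv element. `echo` stands in for a privileged helper, and the interface-name pattern is an assumption made for the example.

```python
import re
import subprocess

# Allowlist for the one argument shape this hypothetical command accepts
# (assumption for the example: NX-OS style interface names such as
# Ethernet1/1 or Ethernet1/1/2). Anything else, including every shell
# metacharacter, is rejected before any process is started.
_INTERFACE = re.compile(r"Ethernet\d{1,3}/\d{1,3}(?:/\d{1,3})?")

# "echo" stands in for a privileged helper on the underlying Linux system;
# in the real bug class the helper runs with the CLI daemon's privileges.
HELPER = "echo"


def vulnerable_run(interface: str) -> str:
    """Build a command line by concatenation and hand it to /bin/sh (CWE-78).

    The argument is never checked, so ';', '|', '`' and '$(...)' are parsed
    by the shell and anything after them runs as a separate command.
    """
    completed = subprocess.run(
        f"{HELPER} {interface}",
        shell=True, capture_output=True, text=True, check=False,
    )
    return completed.stdout


def hardened_run(interface: str) -> str:
    """Validate against the allowlist, then pass the argument as one argv
    element with no shell in the path, so it reaches the helper as data."""
    if not _INTERFACE.fullmatch(interface):
        raise ValueError(f"rejected argument: {interface!r}")
    completed = subprocess.run(
        [HELPER, interface],
        shell=False, capture_output=True, text=True, check=False,
    )
    return completed.stdout


def injection_succeeded(output: str, marker: str = "INJECTED") -> bool:
    """True when the marker appears as its own output line, i.e. a second
    command ran instead of the marker being echoed as part of the argument."""
    return marker in output.splitlines()


if __name__ == "__main__":
    payload = "Ethernet1/1; echo INJECTED"   # constructed malicious argument
    print("vulnerable:", repr(vulnerable_run(payload)))
    try:
        hardened_run(payload)
    except ValueError as err:
        print("hardened:", err)
    print("hardened, valid argument:", repr(hardened_run("Ethernet1/1")))
```

The allowlist, not escaping, is the load-bearing control: the hardened path never constructs a shell string, so there is nothing to escape, and the regex rejects any argument the helper was not designed to take.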
    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1791

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

      MDS 9000 Series Multilayer Switches
      Nexus 3000 Series Switches
      Nexus 3500 Platform Switches
      Nexus 3600 Platform Switches
      Nexus 5500 Platform Switches
      Nexus 5600 Platform Switches
      Nexus 6000 Series Switches
      Nexus 7000 Series Switches
      Nexus 7700 Series Switches
      Nexus 9000 Series Switches in standalone NX-OS mode
      Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

      Firepower 2100 Series
      Firepower 4100 Series
      Firepower 9300 Security Appliances
      Nexus 1000V Switch for Microsoft Hyper-V
      Nexus 1000V Switch for VMware vSphere
      Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
      UCS 6200 Series Fabric Interconnects
      UCS 6300 Series Fabric Interconnects
      UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection
    vulnerabilities. They differ primarily in affected products and software
    versions. This table shows the affected products for each vulnerability
    by Cisco bug ID and CVE ID.
    Columns, left to right: Security Advisory | FP 4100/9300 |
    MDS 9K/N7K/N7700 ^1 | N1000V MS/VM | N3K/N3500/N9K-NXOS | N3600/N9500R |
    N5500/N5600/N6K | UCS 6200/UCS 6300/UCS 6400 ^2

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)
      N/A | CSCvj63728 | CSCvk52969 | CSCvj63877 | CSCvk52988 | CSCvk52972 | CSCvk52975
      Additional bug IDs in this row: CSCvk52985, CSCvk52971

    Cisco NX-OS Software Line Card Command Injection Vulnerability (CVE-2019-1769)
      N/A | N/A | N/A | CSCvh20032 | CSCvj00299 | N/A | N/A

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1770)
      N/A | CSCvh75867 ^1 | CSCvi92240 | CSCvh75958 | CSCvi92239 | CSCvi92243 | N/A
      Additional bug IDs in this row: CSCvk36294, CSCvi92242

    Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774, CVE-2019-1775)
      N/A | CSCvh75895 | N/A | CSCvh75968 | CSCvi99195 | CSCvi99198 | N/A
      Additional bug IDs in this row: CSCvh75909, CSCvh75976, CSCvi92256,
      CSCvi92260, CSCvi99197, CSCvi92258

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)
      N/A | CSCvh20081 | N/A | CSCvh20076 | CSCvi96429 | CSCvi96432 | CSCvi96433
      Additional bug IDs in this row: CSCvi96431 ^2

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778)
      N/A | N/A | N/A | CSCvh75996 | CSCvj03877 | N/A | N/A

    Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1779)
      CSCvj00418 | CSCve51688 | N/A | CSCvh76126 | CSCvj00412 | CSCvj00416 | N/A

    Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)
      CSCvi92332 | CSCvi01440 | N/A | CSCvi01431 | CSCvi92326 | CSCvi92329 | N/A
      Additional bug IDs in this row: CSCvi92328

    Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)
      CSCvi96527 | CSCvi01448 | N/A | CSCvi01445 | CSCvi96522 | CSCvi96525 | CSCvi96526
      Additional bug IDs in this row: CSCvi92130, CSCvh20389, CSCvh20027,
      CSCvi91985, CSCvi92128 ^2, CSCvi96524, CSCvi92129, CSCvi92126 ^2

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1783)
      N/A | CSCvi42281 ^1 | N/A | N/A | N/A | CSCvj03966 | N/A

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784)
      N/A | CSCvi42292 ^1 | N/A | N/A | N/A | CSCvj12273 | CSCvj12274 ^2

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)
      N/A | CSCvh20112 | N/A | CSCvh20096 | CSCvi96504 | CSCvi96509 | CSCvi96510 ^2

    Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)
      N/A | CSCvj63667 | N/A | CSCvj63270, CSCvk50873 | CSCvk50889 | CSCvk50876 | N/A

    Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)
      CSCvh66259 | CSCvh20359 | CSCvh66257 | CSCvh20029 | CSCvh66202 | CSCvh66214 | CSCvh66243
      Additional bug IDs in this row: CSCvk30761, CSCvh66219 ^2

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
       and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches
       are not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
       defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
       affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.
    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

  Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco
    service contract and customers who make purchases through third-party
    vendors but are unsuccessful in obtaining fixed software through their
    point of sale should obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be
    prepared to provide the URL of this advisory as evidence of entitlement
    to a free upgrade.

  Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS
    Software bundle. See Cisco Event Response: March 2019 Cisco FXOS and
    NX-OS Software Security Advisory Bundled Publication for a list of
    advisories in the bundle. Customers who have not applied a recommended
    release to address the March 2019 bundle are advised to upgrade to an
    appropriate release as indicated in the applicable table in this section.

    In the following tables, the left column lists Cisco NX-OS Software
    releases. The right column indicates the first release that includes the
    fix for this vulnerability.
    MDS 9000 Series Multilayer Switches: CSCvj63667

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      5.2                            6.2(25)
      6.2                            6.2(25)
      7.3                            8.2(3)
      8.1                            8.2(3)
      8.2                            8.2(3)
      8.3                            8.3(1)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvj63270

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 7.0(3)I4              7.0(3)I4(9)
      7.0(3)I4                       7.0(3)I4(9)
      7.0(3)I7                       7.0(3)I7(6)
      9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvk50873

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 6.0(2)A8              6.0(2)A8(11)
      6.0(2)A8                       6.0(2)A8(11)
      7.0(3)I4                       7.0(3)I4(9)
      7.0(3)I7                       7.0(3)I7(6)
      9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvk50889

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      7.0(3)                         7.0(3)F3(5)
      9.2                            Not vulnerable

    Nexus 5500 and 5600 Platform Switches and 6000 Series Switches: CSCvk50876

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 7.3                   7.3(4)N1(1)
      7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvj63667

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 6.2                   6.2(22)
      6.2                            6.2(22)
      7.2                            7.3(3)D1(1)
      7.3                            7.3(3)D1(1)
      8.0                            8.2(3)
      8.1                            8.2(3)
      8.2                            8.2(3)
      8.3                            8.3(1)

  Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.
      Cisco MDS Series Switches
      Cisco Nexus 1000V for VMware Switch
      Cisco Nexus 3000 Series and 3500 Series Switches
      Cisco Nexus 5000 Series Switches
      Cisco Nexus 5500 Platform Switches
      Cisco Nexus 6000 Series Switches
      Cisco Nexus 7000 Series Switches
      Cisco Nexus 9000 Series Switches
      Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1791

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.
                                           | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Line Card Command Injection Vulnerability (CVE-2019-1769)

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-linecardinj-1769
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvh20032 CSCvj00299
CVE-2019-1769    CWE-78
CVSS Score:      6.7 AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker with administrator credentials to execute
    arbitrary commands on the underlying Linux operating system of an
    attached line card with the privilege level of root.

    The vulnerability is due to insufficient validation of arguments passed
    to a specific CLI command on the affected device. An attacker could
    exploit this vulnerability by including malicious input as the argument
    of an affected command. A successful exploit could allow the attacker to
    execute arbitrary commands on the underlying Linux operating system of an
    attached line card with elevated privileges. An attacker would need valid
    administrator credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability.
    There are no workarounds that address this vulnerability.
    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-linecardinj-1769

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

      Nexus 3000 Series Switches
      Nexus 3500 Platform Switches
      Nexus 3600 Platform Switches
      Nexus 9000 Series Switches in standalone NX-OS mode
      Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

      Firepower 2100 Series
      Firepower 4100 Series
      Firepower 9300 Security Appliances
      MDS 9000 Series Multilayer Switches
      Nexus 1000V Switch for Microsoft Hyper-V
      Nexus 1000V Switch for VMware vSphere
      Nexus 5500 Platform Switches
      Nexus 5600 Platform Switches
      Nexus 6000 Series Switches
      Nexus 7000 Series Switches
      Nexus 7700 Series Switches
      Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
      UCS 6200 Series Fabric Interconnects
      UCS 6300 Series Fabric Interconnects
      UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection
    vulnerabilities. They differ primarily in affected products and software
    versions. This table shows the affected products for each vulnerability
    by Cisco bug ID and CVE ID.
    The table is the same cross-advisory table given in the Details section
    of the CVE-2019-1791 advisory above. The row for this vulnerability reads
    (columns: FP 4100/9300 | MDS 9K/N7K/N7700 | N1000V MS/VM |
    N3K/N3500/N9K-NXOS | N3600/N9500R | N5500/N5600/N6K | UCS 6200/6300/6400):

    Cisco NX-OS Software Line Card Command Injection Vulnerability (CVE-2019-1769)
      N/A | N/A | N/A | CSCvh20032 | CSCvj00299 | N/A | N/A

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.
    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

  Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco
    service contract and customers who make purchases through third-party
    vendors but are unsuccessful in obtaining fixed software through their
    point of sale should obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be
    prepared to provide the URL of this advisory as evidence of entitlement
    to a free upgrade.

  Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS
    Software bundle. See Cisco Event Response: March 2019 Cisco FXOS and
    NX-OS Software Security Advisory Bundled Publication for a list of
    advisories in the bundle. Customers who have not applied a recommended
    release to address the March 2019 bundle are advised to upgrade to an
    appropriate release as indicated in the applicable table in this section.

    In the following tables, the left column lists Cisco NX-OS Software
    releases. The right column indicates the first release that includes the
    fix for this vulnerability.
    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh20032

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 7.0(3)I7              7.0(3)I7(6)
      7.0(3)I7                       7.0(3)I7(6)
      9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
    CSCvj00299

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      7.0(3)                         7.0(3)F3(5)
      9.2                            Not vulnerable

  Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

      Cisco MDS Series Switches
      Cisco Nexus 1000V for VMware Switch
      Cisco Nexus 3000 Series and 3500 Series Switches
      Cisco Nexus 5000 Series Switches
      Cisco Nexus 5500 Platform Switches
      Cisco Nexus 6000 Series Switches
      Cisco Nexus 7000 Series Switches
      Cisco Nexus 9000 Series Switches
      Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.
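Applying the Fixed Releases tables by hand across a fleet is error-prone, mainly because NX-OS release strings such as 7.0(3)I7(10) and 7.0(3)I7(9) do not sort correctly as plain strings. The following Python is an added example, not Cisco tooling: it tokenises release strings so they compare numerically within a train, extracts the running release from `show version` output, and maps it onto the CSCvh20032 and CSCvj00299 tables transcribed from this advisory. A release on a train the advisory does not list is reported as unlisted rather than assumed safe, and the `show version` excerpt is constructed for the example.

```python
import re
from typing import List, Optional, Tuple

# NX-OS release strings mix dotted numbers, parenthesised maintenance and
# rebuild numbers and a train letter: 7.0(3)I7(6), 7.0(3)F3(5), 9.2(1).
# Tokenising them into integers and letters makes 7.0(3)I7(10) sort after
# 7.0(3)I7(9); a plain string comparison gets that backwards.
_TOKEN = re.compile(r"\d+|[A-Za-z]+")

# `show version` prints the running release as "NXOS: version ..." on newer
# platforms and "system:    version ..." on older ones.
_SHOW_VERSION = re.compile(r"^\s*(?:NXOS|system):\s+version\s+(\S+)", re.MULTILINE)

Row = Tuple[Optional[str], Optional[str]]


def version_key(release: str) -> tuple:
    """Comparable key: numbers become (0, int), train letters (1, letter)."""
    return tuple((0, int(t)) if t.isdigit() else (1, t.upper())
                 for t in _TOKEN.findall(release))


def on_train(release: str, train: str) -> bool:
    """True when `release` starts with the train prefix, e.g. 7.0(3)I7(4) is on 7.0(3)I7."""
    rk, tk = version_key(release), version_key(train)
    return rk[:len(tk)] == tk


def running_release(show_version_output: str) -> Optional[str]:
    """Pull the running release out of `show version` text, or None if absent."""
    match = _SHOW_VERSION.search(show_version_output)
    return match.group(1) if match else None


# First Fixed Release tables for CVE-2019-1769, transcribed from this advisory.
# Each row is (train prefix, first fixed release). A train of None encodes the
# "Prior to <oldest listed train>" row; a first fixed release of None means the
# advisory lists that train as "Not vulnerable".
FIXED_TABLES: dict = {
    "CSCvh20032 N3K/N3500/N9K standalone": [
        (None, "7.0(3)I7(6)"),
        ("7.0(3)I7", "7.0(3)I7(6)"),
        ("9.2(1)", None),
    ],
    "CSCvj00299 N3600/N9500R": [
        ("7.0(3)", "7.0(3)F3(5)"),
        ("9.2", None),
    ],
}


def assess(release: str, table: List[Row]) -> Tuple[str, Optional[str]]:
    """Classify `release` against one platform's table.

    Returns (status, first_fixed) with status one of "vulnerable", "fixed",
    "not vulnerable" or "unlisted". Longer train prefixes are tried first so a
    9.2(1) row is not shadowed by a 9.2 row, and a release on a train the
    advisory does not list is reported as unlisted rather than assumed safe.
    """
    rk = version_key(release)
    listed = [(t, f) for t, f in table if t is not None]
    for train, first_fixed in sorted(listed, key=lambda r: -len(version_key(r[0]))):
        if on_train(release, train):
            if first_fixed is None:
                return ("not vulnerable", None)
            status = "fixed" if rk >= version_key(first_fixed) else "vulnerable"
            return (status, first_fixed)
    prior = next((f for t, f in table if t is None), None)
    oldest = min(version_key(t) for t, _ in listed)
    if prior is not None and rk < oldest:
        return ("vulnerable", prior)
    return ("unlisted", None)


# Constructed `show version` excerpt for the example; not from a real device.
SAMPLE_SHOW_VERSION = """\
Cisco Nexus Operating System (NX-OS) Software
Software
  BIOS: version 07.64
  NXOS: version 7.0(3)I7(4)
Hardware
  cisco Nexus9000 C93180YC-EX chassis
"""

if __name__ == "__main__":
    release = running_release(SAMPLE_SHOW_VERSION)
    status, first_fixed = assess(release, FIXED_TABLES["CSCvh20032 N3K/N3500/N9K standalone"])
    print(f"{release}: {status}" + (f", first fixed release {first_fixed}" if first_fixed else ""))
```

The platform, not the release string, selects which table applies; run the N3600/N9500R table only against F-train devices. Anything reported as unlisted should be checked against the Recommended Releases documents rather than closed out.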
URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-linecardinj-1769

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software NX-API Sandbox Cross-Site Scripting Vulnerability

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-nxapi-xss
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvj14814
CVE-2019-1733    CWE-79
CVSS Score:      5.4 AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:X/RL:X/RC:X

Summary

  o A vulnerability in the NX API (NX-API) Sandbox interface for Cisco NX-OS
    Software could allow an authenticated, remote attacker to conduct a
    cross-site scripting (XSS) attack against a user of the NX-API Sandbox
    interface of an affected device.

    The vulnerability is due to insufficient validation of user-supplied
    input by the NX-API Sandbox interface. An attacker could exploit this
    vulnerability by persuading a user of the NX-API Sandbox interface to
    click a crafted link. A successful exploit could allow the attacker to
    execute arbitrary script code in the context of the affected NX-API
    Sandbox interface.

    Cisco has released software updates that address this vulnerability.
    There are no workarounds that address this vulnerability.
    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-nxapi-xss

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

      Nexus 3000 Series Switches
      Nexus 3500 Platform Switches
      Nexus 9000 Series Switches in standalone NX-OS mode

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

      Firepower 2100 Series
      Firepower 4100 Series
      Firepower 9300 Security Appliances
      MDS 9000 Series Multilayer Switches
      Nexus 1000V Switch for Microsoft Hyper-V
      Nexus 1000V Switch for VMware vSphere
      Nexus 3600 Platform Switches
      Nexus 5500 Platform Switches
      Nexus 5600 Platform Switches
      Nexus 6000 Series Switches
      Nexus 7000 Series Switches
      Nexus 7700 Series Switches
      Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
      Nexus 9500 R-Series Switching Platform
      UCS 6200 Series Fabric Interconnects
      UCS 6300 Series Fabric Interconnects
      UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license.
    By installing, downloading, accessing, or otherwise using such software
    upgrades, customers agree to follow the terms of the Cisco software
    license:
    https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

  Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco
    service contract and customers who make purchases through third-party
    vendors but are unsuccessful in obtaining fixed software through their
    point of sale should obtain upgrades by contacting the Cisco TAC:
    https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be
    prepared to provide the URL of this advisory as evidence of entitlement
    to a free upgrade.

  Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS
    Software bundle.
    See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle. Customers who have not applied a recommended release to address
    the March 2019 bundle are advised to upgrade to an appropriate release as
    indicated in the applicable table in this section.

    In the following tables, the left column lists Cisco NX-OS Software
    releases. The right column indicates the first release that includes the
    fix for this vulnerability.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvj14814

      Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
      Prior to 7.0(3)I2              Not vulnerable
      7.0(3)I7                       7.0(3)I7(4)
      9.2(1)                         Not vulnerable

  Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

      Cisco MDS Series Switches
      Cisco Nexus 1000V for VMware Switch
      Cisco Nexus 3000 Series and 3500 Series Switches
      Cisco Nexus 5000 Series Switches
      Cisco Nexus 5500 Platform Switches
      Cisco Nexus 6000 Series Switches
      Cisco Nexus 7000 Series Switches
      Cisco Nexus 9000 Series Switches
      Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy.
    This document also contains instructions for obtaining fixed software and
    receiving security vulnerability information from Cisco.

Action Links for This Advisory

  o Understanding Cross-Site Scripting (XSS)

Threat Vectors Related to This Advisory

  o Cross-Site Scripting

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-nxapi-xss

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Patch Signature Verification Bypass Vulnerability

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-psvb
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvi42264 CSCvj12239
CVE-2019-1809    CWE-347
CVSS Score:      6.4 AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the Image Signature Verification feature of Cisco
    NX-OS Software could allow an authenticated, local attacker with
    administrator-level credentials to install a malicious software patch on
    an affected device.

    The vulnerability is due to improper verification of digital signatures
    for patch images. An attacker could exploit this vulnerability by
    crafting an unsigned software patch to bypass signature checks and
    loading it on an affected device. A successful exploit could allow the
    attacker to boot a malicious software patch image.

    Cisco has released software updates that address this vulnerability.
    There are no workarounds that address this vulnerability.
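The summary's detail that an unsigned patch bypasses the check points at the classic CWE-347 failure mode: a verifier that only checks a signature when one is present. The following Python is an added illustration of that pattern beside the fail-closed form; it is not Cisco code and says nothing about how NX-OS patch images are actually laid out. The container format (a JSON header line followed by the payload) is constructed for the example, and HMAC-SHA256 under a verifier key stands in for a public-key signature so the example stays standard-library only; the accept/reject logic is identical for either.

```python
import hashlib
import hmac
import json
from typing import Tuple

# Constructed container for the example: one JSON header line, then payload.
# The header may or may not carry a "signature" field, which is exactly the
# case a verifier has to get right.
VERIFIER_KEY = b"example-verifier-key"   # assumption for the example


def sign_patch(payload: bytes, key: bytes = VERIFIER_KEY) -> bytes:
    """Produce a signed container (HMAC stands in for a real signature)."""
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest()
    header = {"name": "example-patch", "signature": tag}
    return json.dumps(header).encode() + b"\n" + payload


def unsigned_patch(payload: bytes) -> bytes:
    """Produce a container with no signature at all, as an attacker would."""
    header = {"name": "example-patch"}
    return json.dumps(header).encode() + b"\n" + payload


def _split(container: bytes) -> Tuple[dict, bytes]:
    header_line, _, payload = container.partition(b"\n")
    return json.loads(header_line), payload


def verify_fail_open(container: bytes, key: bytes = VERIFIER_KEY) -> bool:
    """Bug pattern (CWE-347): the signature is checked only when present, so
    a patch that simply omits it is accepted."""
    header, payload = _split(container)
    signature = header.get("signature")
    if signature is None:
        return True
    expected = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return hmac.compare_digest(signature, expected)


def verify_fail_closed(container: bytes, key: bytes = VERIFIER_KEY) -> bool:
    """Hardened: a missing, malformed or mismatching signature all reject, and
    a header that does not parse is treated as a bad signature, not an error
    path that might be caught and ignored upstream."""
    try:
        header, payload = _split(container)
    except ValueError:
        return False
    signature = header.get("signature")
    if not isinstance(signature, str):
        return False
    expected = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return hmac.compare_digest(signature, expected)


if __name__ == "__main__":
    good = sign_patch(b"payload-v1")
    evil = unsigned_patch(b"payload-evil")
    print("signed   fail-open:", verify_fail_open(good), " fail-closed:", verify_fail_closed(good))
    print("unsigned fail-open:", verify_fail_open(evil), " fail-closed:", verify_fail_closed(evil))
```

The only difference between the two verifiers is what they do on the absent case; everything else, including the constant-time comparison, is shared.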
  This advisory is available at the following link:
  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-psvb

Affected Products

o Vulnerable Products

  This vulnerability affects the following Cisco products if they are running
  a vulnerable release of Cisco NX-OS Software:

    MDS 9700 Series Multilayer Directors ^1
    Nexus 7000 Series Switches
    Nexus 7700 Series Switches
    UCS 6200 Series Fabric Interconnects
    UCS 6300 Series Fabric Interconnects

  1. For the MDS products, only the MDS 9700 Series Multilayer Directors are
     affected by this vulnerability. All other MDS 9000 Series Multilayer
     Switches are not vulnerable.

  For information about which Cisco NX-OS Software releases are vulnerable,
  see the Fixed Software section of this advisory.

  Products Confirmed Not Vulnerable

  Only products listed in the Vulnerable Products section of this advisory
  are known to be affected by this vulnerability.

  Cisco has confirmed that this vulnerability does not affect the following
  Cisco products:

    Firepower 2100 Series
    Firepower 4100 Series
    Firepower 9300 Security Appliances
    MDS 9000 Series Multilayer Switches (except MDS 9700) ^1
    Nexus 1000V Switch for Microsoft Hyper-V
    Nexus 1000V Switch for VMware vSphere
    Nexus 3000 Series Switches
    Nexus 3500 Platform Switches
    Nexus 3600 Platform Switches
    Nexus 5500 Platform Switches
    Nexus 5600 Platform Switches
    Nexus 6000 Series Switches
    Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
      (ACI) mode
    Nexus 9000 Series Switches in standalone NX-OS mode
    Nexus 9500 R-Series Switching Platform
    UCS 6400 Series Fabric Interconnects

  1. For the MDS products, only the MDS 9700 Series Multilayer Directors are
     affected by this vulnerability. All other MDS 9000 Series Multilayer
     Switches are not vulnerable.

Workarounds

o There are no workarounds that address this vulnerability.

Fixed Software

o Cisco has released free software updates that address the vulnerability
  described in this advisory.
  Customers may only install and expect support for software versions and
  feature sets for which they have purchased a license. By installing,
  downloading, accessing, or otherwise using such software upgrades, customers
  agree to follow the terms of the Cisco software license:
  https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

  Additionally, customers may only download software for which they have a
  valid license, procured from Cisco directly, or through a Cisco authorized
  reseller or partner. In most cases this will be a maintenance upgrade to
  software that was previously purchased. Free security software updates do
  not entitle customers to a new software license, additional software
  feature sets, or major revision upgrades.

  When considering software upgrades, customers are advised to regularly
  consult the advisories for Cisco products, which are available from the
  Cisco Security Advisories and Alerts page, to determine exposure and a
  complete upgrade solution.

  In all cases, customers should ensure that the devices to be upgraded
  contain sufficient memory and confirm that current hardware and software
  configurations will continue to be supported properly by the new release.
  If the information is not clear, customers are advised to contact the Cisco
  Technical Assistance Center (TAC) or their contracted maintenance providers.

  Customers Without Service Contracts

  Customers who purchase directly from Cisco but do not hold a Cisco service
  contract and customers who make purchases through third-party vendors but
  are unsuccessful in obtaining fixed software through their point of sale
  should obtain upgrades by contacting the Cisco TAC:
  https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

  Customers should have the product serial number available and be prepared
  to provide the URL of this advisory as evidence of entitlement to a free
  upgrade.
  Fixed Releases

  No upgrade action is necessary for customers who have already applied a
  recommended release to address the March 2019 Cisco FXOS and NX-OS Software
  bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
  Security Advisory Bundled Publication for a list of advisories in the bundle.

  Customers who have not applied a recommended release to address the March
  2019 bundle are advised to upgrade to an appropriate release as indicated in
  the applicable table in this section.

  In the following tables, the left column lists Cisco NX-OS Software
  releases. The right column indicates the first release that includes the fix
  for this vulnerability.

  MDS 9700 Series Multilayer Directors: CSCvi42264

    Cisco NX-OS Software Release    First Fixed Release for This Vulnerability
    5.2                             Not vulnerable
    6.2                             Not vulnerable
    7.3                             8.1(1a)
    8.1                             8.1(1a)
    8.2                             8.3(1)
    8.3                             Not vulnerable

  Nexus 7000 and 7700 Series Switches: CSCvi42264

    Cisco NX-OS Software Release    First Fixed Release for This Vulnerability
    Prior to 6.2                    Not vulnerable
    6.2                             Not vulnerable
    7.2                             7.3(3)D1(1)
    7.3                             7.3(3)D1(1)
    8.0                             8.2(3)
    8.1                             8.2(3)
    8.2                             8.2(3)
    8.3                             Not vulnerable

  UCS 6200 and 6300 Fabric Interconnects: CSCvj12239

    Cisco NX-OS Software Release    First Fixed Release for This Vulnerability
    Prior to 3.1                    Not vulnerable
    3.1                             3.2(3k)
    3.2                             3.2(3k)
    4.0                             Not vulnerable

  Additional Resources

  For help determining the best Cisco NX-OS Software release for a Cisco Nexus
  Switch, administrators can refer to the following Recommended Releases
  documents. If a security advisory recommends a later release, Cisco
  recommends following the advisory guidance.
    Cisco MDS Series Switches
    Cisco Nexus 1000V for VMware Switch
    Cisco Nexus 3000 Series and 3500 Series Switches
    Cisco Nexus 5000 Series Switches
    Cisco Nexus 5500 Platform Switches
    Cisco Nexus 6000 Series Switches
    Cisco Nexus 7000 Series Switches
    Cisco Nexus 9000 Series Switches
    Cisco Nexus 9000 Series ACI-Mode Switches

  For help determining the best Cisco NX-OS Software release for Cisco UCS,
  refer to the Recommended Releases documents in the release notes for the
  device.

Exploitation and Public Announcements

o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
  any public announcements or malicious use of the vulnerability that is
  described in this advisory.

Source

o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

o To learn about Cisco security vulnerability disclosure policies and
  publications, see the Security Vulnerability Policy. This document also
  contains instructions for obtaining fixed software and receiving security
  vulnerability information from Cisco.

URL

o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-psvb

Revision History

o +----------+---------------------------+----------+--------+--------------+
  | Version  | Description               | Section  | Status | Date         |
  +----------+---------------------------+----------+--------+--------------+
  | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
  +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Python Parser Privilege Escalation Vulnerability

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-pyth-escal
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvh24788 CSCvi99282 CSCvi99284 CSCvi99288
CVE-2019-1727
CWE-264
CVSS Score: 4.2 AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X

Summary

o A vulnerability in the Python scripting subsystem of Cisco NX-OS Software
  could allow an authenticated, local attacker to escape the Python parser and
  issue arbitrary commands to elevate the attacker's privilege level.

  The vulnerability is due to insufficient sanitization of user-supplied
  parameters that are passed to certain Python functions in the scripting
  sandbox of the affected device. An attacker could exploit this vulnerability
  to escape the scripting sandbox and execute arbitrary commands to elevate
  the attacker's privilege level. To exploit this vulnerability, the attacker
  must have local access and be authenticated to the targeted device with
  administrative or Python execution privileges. These requirements could
  limit the possibility of a successful exploit.

  Cisco has released software updates that address this vulnerability. There
  are no workarounds that address this vulnerability.
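  The root cause named in the summary is a parameter that crosses from a
  sandbox into a privileged command layer without validation. The example
  below is an added illustration of the weak pattern and of an
  allowlist-based check at that boundary; it is not Cisco's code.
  privileged_cli() is a constructed stand-in for the privileged dispatcher,
  and the interface-name grammar is an assumption made for the example.

```python
"""Parameter validation at a sandbox-to-privileged-CLI boundary.

Constructed example (not Cisco's code). privileged_cli() stands in for the
privileged command executor, and INTERFACE_RE is an assumed grammar for the
one parameter the helper accepts.
"""
import re
from typing import List

READ_ONLY_VERBS = {"show"}


def privileged_cli(line: str) -> List[str]:
    """Constructed stand-in for a privileged executor that, like many CLIs,
    treats ';' as a command separator. Returns the commands it would run."""
    return [cmd.strip() for cmd in line.split(";") if cmd.strip()]


def show_interface_unsafe(name: str) -> List[str]:
    """Weak pattern: the sandbox helper interpolates the caller's parameter
    straight into a privileged command line. Whatever structure the parameter
    carries is interpreted by the privileged layer."""
    return privileged_cli("show interface " + name)


# Assumed grammar: a known interface prefix followed by a slash-separated
# numeric path, e.g. Ethernet1/1, port-channel10, mgmt0.
INTERFACE_RE = re.compile(r"^(Ethernet|port-channel|mgmt)\d+(/\d+)*$")


class ParameterRejected(ValueError):
    """Raised when a sandbox-supplied parameter fails validation."""


def show_interface_safe(name: str) -> List[str]:
    """Hardened pattern: allowlist-validate the parameter before it reaches
    the privileged layer, then confirm the assembled line is exactly one
    command with a read-only verb. Inputs are rejected, never 'cleaned'."""
    if not INTERFACE_RE.fullmatch(name):
        raise ParameterRejected(f"interface name rejected: {name!r}")
    commands = privileged_cli(f"show interface {name}")
    if len(commands) != 1 or commands[0].split()[0] not in READ_ONLY_VERBS:
        raise ParameterRejected("assembled line is not a single read-only command")
    return commands


def demo() -> dict:
    """Feed a well-formed and a structure-carrying parameter to both helpers."""
    good = "Ethernet1/1"
    bad = "Ethernet1/1; show clock"  # constructed input smuggling a second command
    out = {
        "unsafe_good": show_interface_unsafe(good),
        "unsafe_bad": show_interface_unsafe(bad),
        "safe_good": show_interface_safe(good),
    }
    try:
        show_interface_safe(bad)
        out["safe_bad"] = "accepted"
    except ParameterRejected:
        out["safe_bad"] = "rejected"
    return out


if __name__ == "__main__":
    for label, result in demo().items():
        print(f"{label:12s} -> {result}")
```

  The unsafe helper hands the privileged layer two commands when it was asked
  for one; the safe helper refuses the input at the boundary. The second
  check (one command, read-only verb) is deliberately redundant with the
  regex so that a later loosening of the grammar cannot silently reopen the
  path.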
  This advisory is available at the following link:
  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-pyth-escal

Affected Products

o Vulnerable Products

  This vulnerability affects the following Cisco products if they are running
  a vulnerable release of Cisco NX-OS Software:

    MDS 9000 Series Multilayer Switches
    Nexus 3000 Series Switches
    Nexus 3500 Platform Switches
    Nexus 3600 Platform Switches
    Nexus 5500 Platform Switches
    Nexus 5600 Platform Switches
    Nexus 6000 Series Switches
    Nexus 7000 Series Switches
    Nexus 7700 Series Switches
    Nexus 9000 Series Switches in standalone NX-OS mode
    Nexus 9500 R-Series Switching Platform

  For information about which Cisco NX-OS Software releases are vulnerable,
  see the Fixed Software section of this advisory.

  Products Confirmed Not Vulnerable

  Only products listed in the Vulnerable Products section of this advisory
  are known to be affected by this vulnerability.

  Cisco has confirmed that this vulnerability does not affect the following
  Cisco products:

    Firepower 2100 Series
    Firepower 4100 Series
    Firepower 9300 Security Appliances
    Nexus 1000V Switch for Microsoft Hyper-V
    Nexus 1000V Switch for VMware vSphere
    Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
      (ACI) mode
    UCS 6200 Series Fabric Interconnects
    UCS 6300 Series Fabric Interconnects
    UCS 6400 Series Fabric Interconnects

Workarounds

o There are no workarounds that address this vulnerability. However, an
  administrator can reduce exposure to this vulnerability by ensuring that
  only highly trusted users are allowed to access the Python sandbox.

Fixed Software

o Cisco has released free software updates that address the vulnerabilities
  described in this advisory. Customers may only install and expect support
  for software versions and feature sets for which they have purchased a
  license.
  By installing, downloading, accessing, or otherwise using such software
  upgrades, customers agree to follow the terms of the Cisco software license:
  https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

  Additionally, customers may only download software for which they have a
  valid license, procured from Cisco directly, or through a Cisco authorized
  reseller or partner. In most cases this will be a maintenance upgrade to
  software that was previously purchased. Free security software updates do
  not entitle customers to a new software license, additional software
  feature sets, or major revision upgrades.

  When considering software upgrades, customers are advised to regularly
  consult the advisories for Cisco products, which are available from the
  Cisco Security Advisories and Alerts page, to determine exposure and a
  complete upgrade solution.

  In all cases, customers should ensure that the devices to be upgraded
  contain sufficient memory and confirm that current hardware and software
  configurations will continue to be supported properly by the new release.
  If the information is not clear, customers are advised to contact the Cisco
  Technical Assistance Center (TAC) or their contracted maintenance providers.

  Customers Without Service Contracts

  Customers who purchase directly from Cisco but do not hold a Cisco service
  contract and customers who make purchases through third-party vendors but
  are unsuccessful in obtaining fixed software through their point of sale
  should obtain upgrades by contacting the Cisco TAC:
  https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

  Customers should have the product serial number available and be prepared
  to provide the URL of this advisory as evidence of entitlement to a free
  upgrade.

  Fixed Releases

  No upgrade action is necessary for customers who have already applied a
  recommended release to address the March 2019 Cisco FXOS and NX-OS Software
  bundle.
  See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software Security
  Advisory Bundled Publication for a list of advisories in the bundle.

  Customers who have not applied a recommended release to address the March
  2019 bundle are advised to upgrade to an appropriate release as indicated in
  the applicable table in this section.

  In the following tables, the left column lists Cisco NX-OS Software
  releases. The right column indicates the first release that includes the fix
  for this vulnerability.

  MDS 9000 Series Multilayer Switches: CSCvi99284

    Cisco NX-OS Software Release    First Fixed Release for This Vulnerability
    5.2                             8.1(1b)
    6.2                             8.1(1b)
    7.3                             8.1(1b)
    8.1                             8.1(1b)
    8.2                             8.3(1)
    8.3                             8.3(1)

  Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
  Series Switches in Standalone NX-OS Mode: CSCvh24788

    Cisco NX-OS Software Release    First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4               7.0(3)I4(8)
    7.0(3)I4                        7.0(3)I4(8)
    7.0(3)I5                        7.0(3)I7(3)
    7.0(3)I6                        7.0(3)I7(3)
    7.0(3)I7                        7.0(3)I7(3)
    9.2(1)                          Not vulnerable

  Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
  CSCvi99282

    Cisco NX-OS Software Release    First Fixed Release for This Vulnerability
    7.0(3)                          7.0(3)F3(5)
    9.2                             Not vulnerable

  Nexus 5500, 5600, and 6000 Series Switches: CSCvi99288

    Cisco NX-OS Software Release    First Fixed Release for This Vulnerability
    Prior to 7.3                    7.3(4)N1(1)
    7.3                             7.3(4)N1(1)

  Nexus 7000 and 7700 Series Switches: CSCvi99284

    Cisco NX-OS Software Release    First Fixed Release for This Vulnerability
    Prior to 6.2                    Not vulnerable
    6.2                             7.3(3)D1(1)
    7.2                             7.3(3)D1(1)
    7.3                             7.3(3)D1(1)
    8.0                             8.3(1)
    8.1                             8.3(1)
    8.2                             8.3(1)
    8.3                             8.3(1)

  Additional Resources

  For help determining the best Cisco NX-OS Software release for a Cisco Nexus
  Switch, administrators can refer to the following Recommended Releases
  documents. If a security advisory recommends a later release, Cisco
  recommends following the advisory guidance.
    Cisco MDS Series Switches
    Cisco Nexus 1000V for VMware Switch
    Cisco Nexus 3000 Series and 3500 Series Switches
    Cisco Nexus 5000 Series Switches
    Cisco Nexus 5500 Platform Switches
    Cisco Nexus 6000 Series Switches
    Cisco Nexus 7000 Series Switches
    Cisco Nexus 9000 Series Switches
    Cisco Nexus 9000 Series ACI-Mode Switches

  For help determining the best Cisco NX-OS Software release for Cisco UCS,
  refer to the Recommended Releases documents in the release notes for the
  device.

Exploitation and Public Announcements

o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
  any public announcements or malicious use of the vulnerability that is
  described in this advisory.

Source

o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

o To learn about Cisco security vulnerability disclosure policies and
  publications, see the Security Vulnerability Policy. This document also
  contains instructions for obtaining fixed software and receiving security
  vulnerability information from Cisco.

URL

o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-pyth-escal

Revision History

o +----------+---------------------------+----------+--------+--------------+
  | Version  | Description               | Section  | Status | Date         |
  +----------+---------------------------+----------+--------+--------------+
  | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
  +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Remote Package Manager Command Injection Vulnerability

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-rpm-injec
First Published: 2019 May 15 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvi01453 CSCvj00550
CVE-2019-1732
CWE-78
CVSS Score: 6.4 AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

o A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS
  Software could allow an authenticated, local attacker with administrator
  credentials to leverage a time-of-check, time-of-use (TOCTOU) race condition
  to corrupt local variables, which could lead to arbitrary command injection.

  The vulnerability is due to the lack of a proper locking mechanism on
  critical variables that need to stay static until used. An attacker could
  exploit this vulnerability by authenticating to an affected device and
  issuing a set of RPM-related CLI commands. A successful exploit could allow
  the attacker to perform arbitrary command injection. The attacker would need
  administrator credentials for the targeted device.

  Cisco has released software updates that address this vulnerability. There
  are no workarounds that address this vulnerability.
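  The summary attributes the defect to state that is checked and then used
  without being held fixed in between. The example below is an added
  illustration of that TOCTOU class and of the fix that removes the window;
  it is not Cisco's code. It shows the class in its most common form, a
  package file validated by name and then re-opened by name, rather than the
  specific local-variable race in the RPM subsystem; file names, contents
  and the simulated concurrent writer are constructed for the example.

```python
"""Time-of-check/time-of-use (TOCTOU) in a package install path.

Constructed example (not Cisco's code). The race is staged deterministically:
the `window` callback models whatever another process could do between the
check and the use.
"""
import hashlib
import os
import tempfile
from typing import Callable, Dict

APPROVED = b"approved package v1"  # constructed package contents
APPROVED_SHA256 = hashlib.sha256(APPROVED).hexdigest()


def install_toctou(path: str, window: Callable[[], None]) -> bytes:
    """Weak pattern: verify the file found at `path`, then re-open `path`.
    The second name lookup may resolve to different contents."""
    with open(path, "rb") as f:
        if hashlib.sha256(f.read()).hexdigest() != APPROVED_SHA256:
            raise ValueError("package failed verification")
    window()  # the window: nothing pins `path` to the bytes just checked
    with open(path, "rb") as f:  # second lookup by name
        return f.read()  # the bytes the installer would act on


def install_checked_bytes(path: str, window: Callable[[], None]) -> bytes:
    """Hardened pattern: open once, read once, verify the bytes in hand and
    install exactly those bytes. No second lookup, so the window is harmless.
    O_NOFOLLOW (where the platform offers it) also refuses a symlink at
    `path` itself."""
    flags = os.O_RDONLY | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags)
    with os.fdopen(fd, "rb") as f:
        data = f.read()
    if hashlib.sha256(data).hexdigest() != APPROVED_SHA256:
        raise ValueError("package failed verification")
    window()  # same window; `data` is already fixed
    return data


def demo() -> Dict[str, bytes]:
    """Stage both installers against a writer that swaps a different file
    into place at the same path during the window."""
    results: Dict[str, bytes] = {}
    with tempfile.TemporaryDirectory() as d:
        pkg = os.path.join(d, "pkg.rpm")
        other = os.path.join(d, "other.rpm")
        for label, install in (("toctou", install_toctou),
                               ("checked_bytes", install_checked_bytes)):
            with open(pkg, "wb") as f:
                f.write(APPROVED)
            with open(other, "wb") as f:
                f.write(b"swapped-in contents")  # constructed substitute
            results[label] = install(pkg, lambda: os.replace(other, pkg))
    return results


if __name__ == "__main__":
    for label, installed in demo().items():
        print(f"{label:14s} installed: {installed!r}")
```

  The weak installer verifies one file and installs another; the hardened one
  installs the very bytes it verified. The general rule the advisory's fix
  ("proper locking on critical variables") expresses is the same: whatever is
  validated must be the thing that is later used, either by operating on the
  validated copy or by holding it immutable until use.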
  This advisory is available at the following link:
  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-rpm-injec

Affected Products

o Vulnerable Products

  This vulnerability affects the following Cisco products if they are running
  a vulnerable release of Cisco NX-OS Software:

    Nexus 3000 Series Switches
    Nexus 3500 Platform Switches
    Nexus 3600 Platform Switches
    Nexus 9000 Series Switches in standalone NX-OS mode
    Nexus 9500 R-Series Switching Platform

  For information about which Cisco NX-OS Software releases are vulnerable,
  see the Fixed Software section of this advisory.

  Products Confirmed Not Vulnerable

  Only products listed in the Vulnerable Products section of this advisory
  are known to be affected by this vulnerability.

  Cisco has confirmed that this vulnerability does not affect the following
  Cisco products:

    Firepower 2100 Series
    Firepower 4100 Series
    Firepower 9300 Security Appliances
    MDS 9000 Series Multilayer Switches
    Nexus 1000V Switch for Microsoft Hyper-V
    Nexus 1000V Switch for VMware vSphere
    Nexus 5500 Platform Switches
    Nexus 5600 Platform Switches
    Nexus 6000 Series Switches
    Nexus 7000 Series Switches
    Nexus 7700 Series Switches
    Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
      (ACI) mode
    UCS 6200 Series Fabric Interconnects
    UCS 6300 Series Fabric Interconnects
    UCS 6400 Series Fabric Interconnects

Workarounds

o There are no workarounds that address this vulnerability.

Fixed Software

o Cisco has released free software updates that address the vulnerability
  described in this advisory. Customers may only install and expect support
  for software versions and feature sets for which they have purchased a
  license.
  By installing, downloading, accessing, or otherwise using such software
  upgrades, customers agree to follow the terms of the Cisco software license:
  https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

  Additionally, customers may only download software for which they have a
  valid license, procured from Cisco directly, or through a Cisco authorized
  reseller or partner. In most cases this will be a maintenance upgrade to
  software that was previously purchased. Free security software updates do
  not entitle customers to a new software license, additional software
  feature sets, or major revision upgrades.

  When considering software upgrades, customers are advised to regularly
  consult the advisories for Cisco products, which are available from the
  Cisco Security Advisories and Alerts page, to determine exposure and a
  complete upgrade solution.

  In all cases, customers should ensure that the devices to be upgraded
  contain sufficient memory and confirm that current hardware and software
  configurations will continue to be supported properly by the new release.
  If the information is not clear, customers are advised to contact the Cisco
  Technical Assistance Center (TAC) or their contracted maintenance providers.

  Customers Without Service Contracts

  Customers who purchase directly from Cisco but do not hold a Cisco service
  contract and customers who make purchases through third-party vendors but
  are unsuccessful in obtaining fixed software through their point of sale
  should obtain upgrades by contacting the Cisco TAC:
  https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

  Customers should have the product serial number available and be prepared
  to provide the URL of this advisory as evidence of entitlement to a free
  upgrade.

  Fixed Releases

  No upgrade action is necessary for customers who have already applied a
  recommended release to address the March 2019 Cisco FXOS and NX-OS Software
  bundle.
  See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software Security
  Advisory Bundled Publication for a list of advisories in the bundle.

  Customers who have not applied a recommended release to address the March
  2019 bundle are advised to upgrade to an appropriate release as indicated in
  the applicable table in this section.

  In the following tables, the left column lists Cisco NX-OS Software
  releases. The right column indicates the first release that includes the fix
  for this vulnerability.

  Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
  Series Switches in Standalone NX-OS Mode: CSCvi01453

    Cisco NX-OS Software Release    First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4               7.0(3)I4(9)
    7.0(3)I4                        7.0(3)I4(9)
    7.0(3)I7                        7.0(3)I7(4)
    9.2(1)                          Not vulnerable

  Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
  CSCvj00550

    Cisco NX-OS Software Release    First Fixed Release for This Vulnerability
    7.0(3)                          7.0(3)F3(5)
    9.2                             Not vulnerable

  Additional Resources

  For help determining the best Cisco NX-OS Software release for a Cisco Nexus
  Switch, administrators can refer to the following Recommended Releases
  documents. If a security advisory recommends a later release, Cisco
  recommends following the advisory guidance.

    Cisco MDS Series Switches
    Cisco Nexus 1000V for VMware Switch
    Cisco Nexus 3000 Series and 3500 Series Switches
    Cisco Nexus 5000 Series Switches
    Cisco Nexus 5500 Platform Switches
    Cisco Nexus 6000 Series Switches
    Cisco Nexus 7000 Series Switches
    Cisco Nexus 9000 Series Switches
    Cisco Nexus 9000 Series ACI-Mode Switches

  For help determining the best Cisco NX-OS Software release for Cisco UCS,
  refer to the Recommended Releases documents in the release notes for the
  device.

Exploitation and Public Announcements

o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
  any public announcements or malicious use of the vulnerability that is
  described in this advisory.
Source

o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

o To learn about Cisco security vulnerability disclosure policies and
  publications, see the Security Vulnerability Policy. This document also
  contains instructions for obtaining fixed software and receiving security
  vulnerability information from Cisco.

URL

o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-rpm-injec

Revision History

o +----------+---------------------------+----------+--------+--------------+
  | Version  | Description               | Section  | Status | Date         |
  +----------+---------------------------+----------+--------+--------------+
  | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
  +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software SSH Key Information Disclosure Vulnerability

Priority:        Medium
Advisory ID:     cisco-sa-20190515-nxos-ssh-info
First Published: 2019 May 15 16:00 GMT
Last Updated:    2019 May 16 15:49 GMT
Version 1.1:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvh76123 CSCvj01385 CSCvj01386 CSCvj01393
CVE-2019-1731
CWE-200
CVSS Score: 5.1 AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N/E:X/RL:X/RC:X

Summary

o A vulnerability in the SSH CLI key management functionality of Cisco NX-OS
  Software could allow an authenticated, local attacker to expose a user's
  private SSH key to all authenticated users on the targeted device. The
  attacker must authenticate with valid administrator device credentials.

  The vulnerability is due to incomplete error handling if a specific error
  type occurs during the SSH key export. An attacker could exploit this
  vulnerability by authenticating to the device and entering a crafted
  command at the CLI. A successful exploit could allow the attacker to expose
  a user's private SSH key.
  In addition, a similar type of error in the SSH key import could cause the
  passphrase-protected private SSH key to be imported unintentionally.

  Cisco has released software updates that address this vulnerability. There
  are no workarounds that address this vulnerability.

  This advisory is available at the following link:
  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info

Affected Products

o Vulnerable Products

  This vulnerability affects the following Cisco products if they are running
  a vulnerable release of Cisco NX-OS Software:

    Nexus 3000 Series Switches
    Nexus 3500 Platform Switches
    Nexus 3600 Platform Switches
    Nexus 5500 Platform Switches
    Nexus 5600 Platform Switches
    Nexus 6000 Series Switches
    Nexus 9000 Series Switches in standalone NX-OS mode
    Nexus 9500 R-Series Switching Platform

  For information about which Cisco NX-OS Software releases are vulnerable,
  see the Fixed Software section of this advisory.

  Products Confirmed Not Vulnerable

  Only products listed in the Vulnerable Products section of this advisory
  are known to be affected by this vulnerability.

  Cisco has confirmed that this vulnerability does not affect the following
  Cisco products:

    Firepower 2100 Series
    Firepower 4100 Series
    Firepower 9300 Security Appliances
    MDS 9000 Series Multilayer Switches
    Nexus 1000V Switch for Microsoft Hyper-V
    Nexus 1000V Switch for VMware vSphere
    Nexus 7000 Series Switches
    Nexus 7700 Series Switches
    Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
      (ACI) mode
    UCS 6200 Series Fabric Interconnects
    UCS 6300 Series Fabric Interconnects
    UCS 6400 Series Fabric Interconnects

Workarounds

o There are no workarounds that address this vulnerability.

Fixed Software

o Cisco has released free software updates that address the vulnerabilities
  described in this advisory. Customers may only install and expect support
  for software versions and feature sets for which they have purchased a
  license.
  By installing, downloading, accessing, or otherwise using such software
  upgrades, customers agree to follow the terms of the Cisco software license:
  https://www.cisco.com/c/en/us/products/end-user-license-agreement.html

  Additionally, customers may only download software for which they have a
  valid license, procured from Cisco directly, or through a Cisco authorized
  reseller or partner. In most cases this will be a maintenance upgrade to
  software that was previously purchased. Free security software updates do
  not entitle customers to a new software license, additional software
  feature sets, or major revision upgrades.

  When considering software upgrades, customers are advised to regularly
  consult the advisories for Cisco products, which are available from the
  Cisco Security Advisories and Alerts page, to determine exposure and a
  complete upgrade solution.

  In all cases, customers should ensure that the devices to be upgraded
  contain sufficient memory and confirm that current hardware and software
  configurations will continue to be supported properly by the new release.
  If the information is not clear, customers are advised to contact the Cisco
  Technical Assistance Center (TAC) or their contracted maintenance providers.

  Customers Without Service Contracts

  Customers who purchase directly from Cisco but do not hold a Cisco service
  contract and customers who make purchases through third-party vendors but
  are unsuccessful in obtaining fixed software through their point of sale
  should obtain upgrades by contacting the Cisco TAC:
  https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html

  Customers should have the product serial number available and be prepared
  to provide the URL of this advisory as evidence of entitlement to a free
  upgrade.

  Fixed Releases

  No upgrade action is necessary for customers who have already applied a
  recommended release to address the March 2019 Cisco FXOS and NX-OS Software
  bundle.
  See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software Security
  Advisory Bundled Publication for a list of advisories in the bundle.

  Customers who have not applied a recommended release to address the March
  2019 bundle are advised to upgrade to an appropriate release as indicated in
  the applicable table in this section.

  In the following tables, the left column lists Cisco NX-OS Software
  releases. The right column indicates the first release that includes the fix
  for this vulnerability.

  Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
  NX-OS Mode: CSCvh76123

    Cisco NX-OS Software Release    First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4               7.0(3)I4(9)
    7.0(3)I4                        7.0(3)I4(9)
    7.0(3)I7                        7.0(3)I7(4)
    9.2(1)                          Not vulnerable

  Nexus 3500 Platform Switches: CSCvj01385

    Cisco NX-OS Software Release    First Fixed Release for This Vulnerability
    Prior to 6.0(2)A8               6.0(2)A8(10)
    6.0(2)A8                        6.0(2)A8(10)
    7.0(3)I4                        7.0(3)I4(9)
    7.0(3)I7                        7.0(3)I7(4)
    9.2                             Not vulnerable

  Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform:
  CSCvj01393

    Cisco NX-OS Software Release    First Fixed Release for This Vulnerability
    7.0(3)                          7.0(3)F3(5)
    9.2                             Not vulnerable

  Nexus 5500, 5600, and 6000 Series Switches: CSCvj01386

    Cisco NX-OS Software Release    First Fixed Release for This Vulnerability
    Prior to 7.3                    7.3(4)N1(1)
    7.3                             7.3(4)N1(1)

  Additional Resources

  For help determining the best Cisco NX-OS Software release for a Cisco Nexus
  Switch, administrators can refer to the following Recommended Releases
  documents. If a security advisory recommends a later release, Cisco
  recommends following the advisory guidance.
    Cisco MDS Series Switches
    Cisco Nexus 1000V for VMware Switch
    Cisco Nexus 3000 Series and 3500 Series Switches
    Cisco Nexus 5000 Series Switches
    Cisco Nexus 5500 Platform Switches
    Cisco Nexus 6000 Series Switches
    Cisco Nexus 7000 Series Switches
    Cisco Nexus 9000 Series Switches
    Cisco Nexus 9000 Series ACI-Mode Switches

  For help determining the best Cisco NX-OS Software release for Cisco UCS,
  refer to the Recommended Releases documents in the release notes for the
  device.

Exploitation and Public Announcements

o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
  any public announcements or malicious use of the vulnerability that is
  described in this advisory.

Source

o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

o To learn about Cisco security vulnerability disclosure policies and
  publications, see the Security Vulnerability Policy. This document also
  contains instructions for obtaining fixed software and receiving security
  vulnerability information from Cisco.

URL

o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info

Revision History

o +---------+-----------------------------+----------+--------+-------------+
  | Version | Description                 | Section  | Status | Date        |
  +---------+-----------------------------+----------+--------+-------------+
  |         | Fixed an error in the Fixed |          |        |             |
  | 1.1     | Release table for the Nexus | Fixed    | Final  | 2019-May-16 |
  |         | 3000 Series Switches and    | Software |        |             |
  |         | Nexus 9000 Series Switches. |          |        |             |
  +---------+-----------------------------+----------+--------+-------------+
  | 1.0     | Initial public release.     | -        | Final  | 2019-May-15 |
  +---------+-----------------------------+----------+--------+-------------+

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT.
The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

  https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXS/9uGaOgq3Tt24GAQgqkg//a/0mZBtxs7szI40wFRu2BbWk7OkZ+/sz B6HPNTV/ntegYXsiGxAPT1ZEsit1V1WcEW9x/9suDuKbyMnQYasSFJuc14HOppDg 7bAjdiZH66GrkAc7uQRkDOFUYmFd4aTyGpnXSMd7HWzP2XoDj4DzHIbim/CUjPID nmYWj4PbRquReL90K/FzH9VRQ7hj147pQHeImjZqqLKYmPLsrKlbrS1SR/aRvRBM JMRuV294zEBr4qBdRW54r1llFjLH9e0yYPfWDx1m+UAC87QGs+VL3LRnJNncHnpV HcpxvtklfSseG0t4KmYYpI9vjn6N3qacwHIx31CpNkrgnZzPgb7oZLYZnuVVE1Ua k9rwwL3en8ImWfM4W7h+bktC2uKbeR7of8zp01R57jX8056DKmwjYLPwq3NFyXGO y/m/S6EBmlm8gE+H/HQOSedDPxkR8yu0RCJMN9Ze4lC7PDd8JTl2b+bKxnt+fblM 7/Vg6DUshwzL6PgpANP4rc77leV2ajIKpxtYmlbJkl9EIVQ8HNMTuBnxiIey0FKj T1kmsXd3EvPtnedUgZiinOkaBN/Eq5GYf8oVz8rwJ5ODwHsHh94F2CWsV5oGHojb 3eLo97ss7gpm9q+iTFW+aMqH8HeV014fG70kAninFAQufX2EKaCifizm8GpXEz64 s9CTlPaNCT8= =oDcF -----END PGP SIGNATURE-----
