CVE-2019-1809

Published May 15, 2019

Last updated 2 years ago

CVSS medium 6.7

Overview

Description: A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.
Source: ykramarz@cisco.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.7
Impact score: 5.9
Exploitability score: 0.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM

CVSS 3.0

Type: Secondary
Base score: 6.4
Impact score: 5.9
Exploitability score: 0.5
Vector string: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-347
ykramarz@cisco.com: CWE-347

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B38D0244-062F-45FC-AE05-BDC398E7242C",
            "versionEndExcluding": "8.1\\(1a\\)",
            "versionStartIncluding": "7.3"
          },
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4863FC5-6578-48DE-838D-E5D2EEFF27B1",
            "versionEndExcluding": "8.3\\(1\\)",
            "versionStartIncluding": "8.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9"
          },
          {
            "criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3411F8C2-D65A-46CF-9563-0A9866462491",
            "versionEndExcluding": "7.3\\(3\\)d1\\(1\\)",
            "versionStartIncluding": "7.2"
          },
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8882184-A5B1-4F67-B942-FDEE2FFD43F4",
            "versionEndExcluding": "8.2\\(3\\)",
            "versionStartIncluding": "8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "489A59F2-D44D-44ED-844C-E0EF83A23C4F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "79689D81-D8F0-4FB1-9B8F-62407474A042"
          },
          {
            "criteria": "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D01E7A7E-7111-4C89-8EBD-080B0A3E069C"
          },
          {
            "criteria": "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99"
          },
          {
            "criteria": "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6"
          },
          {
            "criteria": "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "83003054-E458-4405-BA7F-A5EA415D296A"
          },
          {
            "criteria": "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF"
          },
          {
            "criteria": "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F58B1C42-9150-48C9-9203-A2466FC61261"
          },
          {
            "criteria": "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0AD5DA69-09D9-436A-8FC1-A46626DE2789"
          },
          {
            "criteria": "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E0A9CD4D-4659-402D-BDF8-E5EF86449641"
          },
          {
            "criteria": "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B"
          },
          {
            "criteria": "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9D753638-4BE8-4BF5-A083-F8360003869D"
          },
          {
            "criteria": "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6"
          },
          {
            "criteria": "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF"
          },
          {
            "criteria": "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9B875911-E742-427B-AE07-C8A5955DEA62"
          },
          {
            "criteria": "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5"
          },
          {
            "criteria": "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10"
          },
          {
            "criteria": "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5D0E31D5-9F1D-46EC-824F-352A0098944B"
          },
          {
            "criteria": "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E8AD0767-C42B-4BAC-B90C-F4412B661D7A"
          },
          {
            "criteria": "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D409BDF3-9F35-4D94-9DF0-7B58A519A005"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "993AFE99-DFC3-4D92-90C8-D3A6495547BC"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "108DB6B5-CB29-477F-84FC-52116F295878"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "42ABB93D-2C3A-4029-B545-B638B6C7788E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "631B6866-7CEC-48F8-AC5A-2CBE4DBFF9A7",
            "versionEndExcluding": "3.2\\(3k\\)",
            "versionStartIncluding": "3.1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "054D8EB2-97A3-4725-9DFF-27A4D231D90A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References