CVE-2019-1811
Published May 15, 2019
Last updated 2 years ago
Overview
- Description
- A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.7
- Impact score
- 5.9
- Exploitability score
- 0.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
CVSS 3.0
- Type
- Secondary
- Base score
- 6.7
- Impact score
- 5.9
- Exploitability score
- 0.8
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EBDB710-2B63-4219-8B3D-A930008C0122", "versionEndExcluding": "7.0\\(3\\)i7\\(5\\)", "versionStartIncluding": "6.0\\(2\\)" }, { "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164", "versionEndExcluding": "9.2\\(2\\)", "versionStartIncluding": "9.2" } ], "operator": "OR" }, { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D" }, { "criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2" }, { "criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B" }, { "criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3" }, { "criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4" }, { "criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336" }, { "criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7" }, { "criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384" }, { "criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8" }, { "criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB" }, { "criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33" }, { "criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937" }, { "criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137" }, { "criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2" }, { "criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201" }, { "criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0" }, { "criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D" }, { "criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169" }, { "criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74" }, { "criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233" }, { "criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612" } ], "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", "versionEndExcluding": "7.0\\(3\\)f3\\(5\\)", "versionStartIncluding": "7.0\\(3\\)" }, { "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164", "versionEndExcluding": "9.2\\(2\\)", "versionStartIncluding": "9.2" } ], "operator": "OR" }, { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED" }, { "criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3" }, { "criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233" }, { "criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612" } ], "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13870733-AF0E-4453-AA0D-4A624F5AF2DD", "versionEndExcluding": "7.0\\(3\\)i7\\(5\\)" }, { "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164", "versionEndExcluding": "9.2\\(2\\)", "versionStartIncluding": "9.2" } ], "operator": "OR" }, { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5" }, { "criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA" }, { "criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9" }, { "criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F" }, { "criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410" }, { "criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232" }, { "criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9" }, { "criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A" }, { "criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B" }, { "criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8" }, { "criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD" }, { "criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D" }, { "criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD" }, { "criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD" }, { "criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B" }, { "criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3" }, { "criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F" }, { "criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811" }, { "criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210" }, { "criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871" }, { "criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901" }, { "criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3" }, { "criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230" }, { "criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650" }, { "criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873" }, { "criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9" }, { "criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26" }, { "criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5" }, { "criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB" }, { "criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0" }, { "criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730" }, { "criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9" }, { "criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C" }, { "criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3" }, { "criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6" }, { "criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A" }, { "criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA" }, { "criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2" }, { "criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1" }, { "criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6" }, { "criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A" }, { "criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2" } ], "operator": "OR" } ], "operator": "AND" } ]