Show plain JSON{"id": "CVE-2019-1812", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}]}, "published": "2019-05-15T23:29:01.277", "references": [{"url": "http://www.securityfocus.com/bid/108425", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/108425", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-347"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-347"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device."}, {"lang": "es", "value": "Una vulnerabilidad en la funci\u00f3n Image Signature Verification del software Cisco NX-OS podr\u00eda permitir que un atacante local autenticado con credenciales de administrador para instalar una imagen de software malintencionado en un dispositivo afectado. La vulnerabilidad se debe a que las firmas digitales del software no se verifican correctamente durante la ejecuci\u00f3n del comando CLI. Un atacante podr\u00eda aprovechar esta vulnerabilidad para instalar una imagen de software sin firmar en un dispositivo afectado."}], "lastModified": "2024-11-21T04:37:26.070", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EBDB710-2B63-4219-8B3D-A930008C0122", "versionEndExcluding": "7.0\\(3\\)i7\\(5\\)", "versionStartIncluding": "6.0\\(2\\)"}, {"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164", "versionEndExcluding": "9.2\\(2\\)", "versionStartIncluding": "9.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D"}, {"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2"}, {"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B"}, {"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3"}, {"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4"}, {"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336"}, {"criteria": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E142C18F-9FB5-4D96-866A-141D7D16CAF7"}, {"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384"}, {"criteria": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8EFC116A-627F-4E05-B631-651D161217C8"}, {"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB"}, {"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33"}, {"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937"}, {"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137"}, {"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2"}, {"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201"}, {"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0"}, {"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D"}, {"criteria": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E505C0B1-2119-4C6A-BF96-C282C633D169"}, {"criteria": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "915EF8F6-6039-4DD0-B875-30D911752B74"}, {"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233"}, {"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", "versionEndExcluding": "7.0\\(3\\)f3\\(5\\)", "versionStartIncluding": "7.0\\(3\\)"}, {"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164", "versionEndExcluding": "9.2\\(2\\)", "versionStartIncluding": "9.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "91595E9E-BF7A-4438-9D25-05AB29DD16ED"}, {"criteria": "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4818B000-7022-445A-8B0F-6B2E937AAEA3"}, {"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233"}, {"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13870733-AF0E-4453-AA0D-4A624F5AF2DD", "versionEndExcluding": "7.0\\(3\\)i7\\(5\\)"}, {"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F38F5064-F7E2-4B6F-BB50-32DBC205E164", "versionEndExcluding": "9.2\\(2\\)", "versionStartIncluding": "9.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5E88418C-0BC4-4D90-A14D-0B89F8399AA5"}, {"criteria": "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA"}, {"criteria": "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "19F88FB2-1A75-4166-A4F5-039D67EAA1D9"}, {"criteria": "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A01B0559-5632-4658-AA3A-221DD28D963F"}, {"criteria": "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "082A5A44-DC9A-4B48-8F28-1D0EC7F82410"}, {"criteria": "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232"}, {"criteria": "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D5E693D2-F1D5-4D22-885B-AE853221ABA9"}, {"criteria": "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C63F63AD-94EC-4A6D-92AF-7FBF6275746A"}, {"criteria": "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "490EAB88-A0F3-4A88-9A81-B414CE78B34B"}, {"criteria": "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8"}, {"criteria": "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C6782DA1-5568-410D-86E6-2C2B909693DD"}, {"criteria": "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "04A26215-DEB3-4337-AFE0-5E23C760060D"}, {"criteria": "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6B8F7177-147E-47C0-ADFB-4CD0768D52CD"}, {"criteria": "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "06A72F9F-773A-463D-8BEB-6B316DF21CFD"}, {"criteria": "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8FC94E7D-84AF-4D2A-85A7-264CED2D107B"}, {"criteria": "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BC0082AD-1EFB-4AFE-9974-EAAB926553F3"}, {"criteria": "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4BFAAE41-AD17-4F69-9029-8DD90D824E6F"}, {"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811"}, {"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210"}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871"}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901"}, {"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3"}, {"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230"}, {"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650"}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873"}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9"}, {"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26"}, {"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5"}, {"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB"}, {"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0"}, {"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730"}, {"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9"}, {"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C"}, {"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3"}, {"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6"}, {"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CB270C45-756E-400A-979F-D07D750C881A"}, {"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4E8A085C-2DBA-4269-AB01-B16019FBB4DA"}, {"criteria": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A79DD582-AF68-44F1-B640-766B46EF2BE2"}, {"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1"}, {"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6"}, {"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A"}, {"criteria": "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "90F30A43-9E4F-4A03-8060-A38B0925DBD2"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}