Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-20190515-NXOS-SISV2
HistoryMay 15, 2019 - 4:00 p.m.

Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities

2019-05-1516:00:00
tools.cisco.com
38

0.0004 Low

EPSS

Percentile

5.1%

JSON

Multiple vulnerabilities in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device.

The vulnerabilities exist because software digital signatures are not properly verified during CLI command execution. An attacker could exploit these vulnerabilities to install an unsigned software image on an affected device.

Note: If the device has not been patched for the vulnerability previously disclosed in the Cisco Security Advisory cisco-sa-20190306-nxos-sig-verif [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-sig-verif”], a successful exploit could allow the attacker to boot a malicious software image.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2”]

Affected configurations

Vulners
Node
cisconx-osMatch6.1nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i1nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i2nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3nexus_9000_series
OR
cisconx-osMatch6.2nexus_9000_series
OR
cisconx-osMatch7.0nexus_9000_series
OR
cisconx-osMatch7.0\(0\)n1nexus_9000_series
OR
cisconx-osMatch7.0\(1\)n1nexus_9000_series
OR
cisconx-osMatch7.0\(2\)i2nexus_9000_series
OR
cisconx-osMatch7.0\(2\)n1nexus_9000_series
OR
cisconx-osMatch7.0\(3\)f1nexus_9000_series
OR
cisconx-osMatch7.0\(3\)f2nexus_9000_series
OR
cisconx-osMatch7.0\(3\)f3nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i1nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i2nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i3nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i4nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i5nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i6nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i7nexus_9000_series
OR
cisconx-osMatch9.2nexus_9000_series
OR
cisconx-osMatch6.1\(1\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)nexus_9000_series
OR
cisconx-osMatch6.1\(3\)nexus_9000_series
OR
cisconx-osMatch6.1\(4\)nexus_9000_series
OR
cisconx-osMatch6.1\(4a\)nexus_9000_series
OR
cisconx-osMatch6.1\(5\)nexus_9000_series
OR
cisconx-osMatch6.1\(3\)s5nexus_9000_series
OR
cisconx-osMatch6.1\(3\)s6nexus_9000_series
OR
cisconx-osMatch6.1\(5a\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i1\(3\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i1\(1\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i1\(2\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i2\(1\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i2\(2\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i2\(2a\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i2\(3\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i2\(2b\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3\(1\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3\(2\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3\(3\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3\(3.78\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3\(4\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3\(3a\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3\(4a\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3\(4b\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3\(4c\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3\(4d\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3\(4e\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3\(5\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3\(5a\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3\(5b\)nexus_9000_series
OR
cisconx-osMatch6.1\(2\)i3\(3b\)nexus_9000_series
OR
cisconx-osMatch6.2\(2\)nexus_9000_series
OR
cisconx-osMatch6.2\(2a\)nexus_9000_series
OR
cisconx-osMatch6.2\(6\)nexus_9000_series
OR
cisconx-osMatch6.2\(6b\)nexus_9000_series
OR
cisconx-osMatch6.2\(8\)nexus_9000_series
OR
cisconx-osMatch6.2\(8a\)nexus_9000_series
OR
cisconx-osMatch6.2\(8b\)nexus_9000_series
OR
cisconx-osMatch6.2\(10\)nexus_9000_series
OR
cisconx-osMatch6.2\(12\)nexus_9000_series
OR
cisconx-osMatch6.2\(18\)nexus_9000_series
OR
cisconx-osMatch6.2\(16\)nexus_9000_series
OR
cisconx-osMatch6.2\(14b\)nexus_9000_series
OR
cisconx-osMatch6.2\(14\)nexus_9000_series
OR
cisconx-osMatch6.2\(14a\)nexus_9000_series
OR
cisconx-osMatch6.2\(6a\)nexus_9000_series
OR
cisconx-osMatch6.2\(20\)nexus_9000_series
OR
cisconx-osMatch6.2\(1\)nexus_9000_series
OR
cisconx-osMatch6.2\(3\)nexus_9000_series
OR
cisconx-osMatch6.2\(5\)nexus_9000_series
OR
cisconx-osMatch6.2\(5a\)nexus_9000_series
OR
cisconx-osMatch6.2\(5b\)nexus_9000_series
OR
cisconx-osMatch6.2\(7\)nexus_9000_series
OR
cisconx-osMatch6.2\(9\)nexus_9000_series
OR
cisconx-osMatch6.2\(9a\)nexus_9000_series
OR
cisconx-osMatch6.2\(9b\)nexus_9000_series
OR
cisconx-osMatch6.2\(9c\)nexus_9000_series
OR
cisconx-osMatch6.2\(11\)nexus_9000_series
OR
cisconx-osMatch6.2\(11b\)nexus_9000_series
OR
cisconx-osMatch6.2\(11c\)nexus_9000_series
OR
cisconx-osMatch6.2\(11d\)nexus_9000_series
OR
cisconx-osMatch6.2\(11e\)nexus_9000_series
OR
cisconx-osMatch6.2\(13\)nexus_9000_series
OR
cisconx-osMatch6.2\(13a\)nexus_9000_series
OR
cisconx-osMatch6.2\(13b\)nexus_9000_series
OR
cisconx-osMatch6.2\(15\)nexus_9000_series
OR
cisconx-osMatch6.2\(17\)nexus_9000_series
OR
cisconx-osMatch6.2\(19\)nexus_9000_series
OR
cisconx-osMatch6.2\(21\)nexus_9000_series
OR
cisconx-osMatch6.2\(23\)nexus_9000_series
OR
cisconx-osMatch6.2\(20a\)nexus_9000_series
OR
cisconx-osMatch6.2\(25\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)nexus_9000_series
OR
cisconx-osMatch7.0\(0\)n1\(1\)nexus_9000_series
OR
cisconx-osMatch7.0\(1\)n1\(1\)nexus_9000_series
OR
cisconx-osMatch7.0\(1\)n1\(3\)nexus_9000_series
OR
cisconx-osMatch7.0\(2\)i2\(2c\)nexus_9000_series
OR
cisconx-osMatch7.0\(2\)n1\(1\)nexus_9000_series
OR
cisconx-osMatch7.0\(2\)n1\(1a\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)f1\(1\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)f2\(1\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)f2\(2\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)f3\(1\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)f3\(2\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)f3\(3\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)f3\(3a\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)f3\(4\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)f3\(3c\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)f3\(3b\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i1\(1\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i1\(1a\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i1\(1b\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i1\(2\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i1\(3\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i1\(3a\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i1\(3b\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i2\(2a\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i2\(2b\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i2\(2c\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i2\(2d\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i2\(2e\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i2\(3\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i2\(4\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i2\(5\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i2\(1\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i2\(1a\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i2\(2\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i3\(1\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i4\(1\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i4\(2\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i4\(3\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i4\(4\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i4\(5\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i4\(6\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i4\(7\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i4\(8\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i4\(8a\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i4\(8b\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i4\(8z\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i7\(5a\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i5\(1\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i5\(2\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i6\(1\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i6\(2\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i7\(1\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i7\(2\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i7\(3\)nexus_9000_series
OR
cisconx-osMatch7.0\(3\)i7\(4\)nexus_9000_series
OR
cisconx-osMatch9.2\(1\)nexus_9000_series

Related

nessus 3
nvd 3
cve 3
prion 3
cvelist 3
nessus
nessus
Cisco NX-OS CLI Command Software Image Signature Verification (CVE-2019-1811)
2023-07-25 00:00:00
Cisco NX-OS CLI Command Software Image Signature Verification (CVE-2019-1812)
2023-07-25 00:00:00
Cisco NX-OS CLI Command Software Image Signature Verification (CVE-2019-1813)
2023-07-25 00:00:00
nvd
nvd
CVE-2019-1811
2019-05-15 23:29:01
CVE-2019-1813
2019-05-15 23:29:01
CVE-2019-1812
2019-05-15 23:29:01
cve
cve
CVE-2019-1811
2019-05-15 23:29:01
CVE-2019-1812
2019-05-15 23:29:01
CVE-2019-1813
2019-05-15 23:29:01
prion
prion
Design/Logic Flaw
2019-05-15 23:29:00
Design/Logic Flaw
2019-05-15 23:29:00
Design/Logic Flaw
2019-05-15 23:29:00
cvelist
cvelist
CVE-2019-1813 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerability
2019-05-15 00:00:00
CVE-2019-1812 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities
2019-05-15 00:00:00
CVE-2019-1811 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities
2019-05-15 00:00:00

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CISCO-SA-20190515-NXOS-SISV2
nessus3nvd3cve3prion3cvelist3