CVE-2019-1593

🗓️ 06 Mar 2019 22:00:00Reported by ciscoType

Vulnerability in Cisco NX-OS Software allows local attacker to escalate privilege level by bypassing role-based access control (RBAC)

Reporter	Title	Published	Views	Family All 10
Cisco	Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation Vulnerability	6 Mar 201916:00	–	cisco
Tenable Nessus	Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation Vulnerability	5 Jul 201900:00	–	nessus
Tenable Nessus	Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation (CVE-2019-1593)	25 Jul 202300:00	–	nessus
CNVD	Cisco NX-OS Elevation of Privilege Vulnerability	7 Mar 201900:00	–	cnvd
Cvelist	CVE-2019-1593 Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation Vulnerability	6 Mar 201922:00	–	cvelist
EUVD	EUVD-2019-10150	7 Oct 202500:30	–	euvd
NVD	CVE-2019-1593	6 Mar 201922:29	–	nvd
OSV	CVE-2019-1593	6 Mar 201922:29	–	osv
Prion	Design/Logic Flaw	6 Mar 201922:29	–	prion
Vulnrichment	CVE-2019-1593 Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation Vulnerability	6 Mar 201922:00	–	vulnrichment

NVD

Vulners

Node

cisco nx-osRange7.0(3)i5–7.0(3)i7(4)

AND

cisco nexus_3000Match-

Node

cisco nx-osRange7.0(3)i4–7.0(3)i4(9)

AND

cisco nexus_3000Match-

Node

cisco nx-osRange7.0(3)–7.0(3)i7(4)

AND

cisco nexus_3500Match-

Node

cisco nx-osRange7.0(3)–7.0(3)f3(5)

AND

cisco nexus_3600Match-

Node

cisco nx-osRange8.1–8.2(3)

cisco nx-osRange8.3–8.3(1)

AND

cisco nexus_7000Match-

cisco nexus_7700Match-

Node

cisco nx-osRange<13.2(4d)

cisco nx-osRange14.0–14.0(1h)

AND

cisco nexus_9000_in_aci_modeMatch-

Node

cisco nx-osRange7.0(3)i4–7.0(3)i4(9)

cisco nx-osRange7.0(3)i5–7.0(3)i7(4)

AND

cisco nexus_9000_in_standaloneMatch-

Node

cisco nx-osRange7.0(3)–7.0(3)f3(5)

AND

cisco nexus_9500

[
  {
    "product": "Nexus 3000 Series Switches",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "7.0(3)I7(4)",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Nexus 3500 Platform Switches",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "7.0(3)I7(4)",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Nexus 3600 Platform Switches",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "7.0(3)F3(5)",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Nexus 7000 and 7700 Series Switches",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "8.2(3)",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Nexus 9000 Series Fabric Switches in ACI Mode",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "13.2(4d)",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "14.0(1h)",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Nexus 9000 Series Switches in Standalone NX-OS Mode",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "7.0(3)I4(9)",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "7.0(3)I7(4)",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nx-os-bash-escal
securityfocus	www.securityfocus.com/bid/107324

21 Nov 2024 04:36Current

7.7High risk

Vulners AI Score7.7

CVSS 27.2

CVSS 3.17.8

CVSS 37.8

EPSS0.00148

SSVC

CWE-264