CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
EPSS
Percentile: 26.9%
A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device.
This vulnerability is due to a logic error in the user role verification performed when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user.
There are workarounds that address this vulnerability.
[
  {
    "vendor": "Cisco",
    "product": "Cisco NX-OS Software",
    "versions": [
      { "version": "9.2(1)", "status": "affected" },
      { "version": "9.2(2)", "status": "affected" },
      { "version": "9.2(2t)", "status": "affected" },
      { "version": "9.2(3)", "status": "affected" },
      { "version": "9.2(4)", "status": "affected" },
      { "version": "9.2(2v)", "status": "affected" },
      { "version": "9.3(1)", "status": "affected" },
      { "version": "9.3(2)", "status": "affected" },
      { "version": "9.3(3)", "status": "affected" },
      { "version": "9.3(4)", "status": "affected" },
      { "version": "9.3(5)", "status": "affected" },
      { "version": "9.3(6)", "status": "affected" },
      { "version": "9.3(7)", "status": "affected" },
      { "version": "9.3(7a)", "status": "affected" },
      { "version": "9.3(8)", "status": "affected" },
      { "version": "9.3(9)", "status": "affected" },
      { "version": "9.3(10)", "status": "affected" },
      { "version": "9.3(11)", "status": "affected" },
      { "version": "10.1(1)", "status": "affected" },
      { "version": "10.1(2)", "status": "affected" },
      { "version": "10.1(2t)", "status": "affected" },
      { "version": "10.2(1)", "status": "affected" },
      { "version": "10.2(1q)", "status": "affected" },
      { "version": "10.2(2)", "status": "affected" },
      { "version": "10.2(3)", "status": "affected" },
      { "version": "10.2(3t)", "status": "affected" },
      { "version": "10.2(4)", "status": "affected" },
      { "version": "10.2(5)", "status": "affected" },
      { "version": "10.3(1)", "status": "affected" },
      { "version": "10.3(2)", "status": "affected" }
    ]
  }
]