Cisco Multiple Vulnerabilities in NX-OS-Based Products (CVE-2013-1191)

2023-07-2500:00:00

www.tenable.com

cisco

nx-os

vulnerabilities

remote authenticated users

ssh

ssh key

management interface

cve-2013-1191.

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

44.2%

JSON

Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted SSH key data in an SSH session to a management interface, aka Bug ID CSCud88400.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(501392);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/12/14");

  script_cve_id("CVE-2013-1191");

  script_name(english:"Cisco Multiple Vulnerabilities in NX-OS-Based Products (CVE-2013-1191)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local
authentication and multiple VDCs are enabled, allows remote
authenticated users to gain privileges within an unintended VDC via
crafted SSH key data in an SSH session to a management interface, aka
Bug ID CSCud88400.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5f6099be");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-1191");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(264);

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/05/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/05/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/07/25");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:6.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:6.1%281%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:6.1%282%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:6.1%283%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:6.1%284%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:6.1%284a%29");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Cisco");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Cisco');

var asset = tenable_ot::assets::get(vendor:'Cisco');

var vuln_cpes = {
    "cpe:/o:cisco:nx-os:6.1" :
        {"versionEndIncluding" : "6.1", "versionStartIncluding" : "6.1", "family" : "NXOS"},
    "cpe:/o:cisco:nx-os:6.1%281%29" :
        {"versionEndIncluding" : "6.1%281%29", "versionStartIncluding" : "6.1%281%29", "family" : "NXOS"},
    "cpe:/o:cisco:nx-os:6.1%282%29" :
        {"versionEndIncluding" : "6.1%282%29", "versionStartIncluding" : "6.1%282%29", "family" : "NXOS"},
    "cpe:/o:cisco:nx-os:6.1%283%29" :
        {"versionEndIncluding" : "6.1%283%29", "versionStartIncluding" : "6.1%283%29", "family" : "NXOS"},
    "cpe:/o:cisco:nx-os:6.1%284%29" :
        {"versionEndIncluding" : "6.1%284%29", "versionStartIncluding" : "6.1%284%29", "family" : "NXOS"},
    "cpe:/o:cisco:nx-os:6.1%284a%29" :
        {"versionEndIncluding" : "6.1%284a%29", "versionStartIncluding" : "6.1%284a%29", "family" : "NXOS"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);

VendorProductVersionCPE
cisconx-os6.1cpe:/o:cisco:nx-os:6.1
cisconx-os6.1%281%29cpe:/o:cisco:nx-os:6.1%281%29
cisconx-os6.1%282%29cpe:/o:cisco:nx-os:6.1%282%29
cisconx-os6.1%283%29cpe:/o:cisco:nx-os:6.1%283%29
cisconx-os6.1%284%29cpe:/o:cisco:nx-os:6.1%284%29
cisconx-os6.1%284a%29cpe:/o:cisco:nx-os:6.1%284a%29

Vendor	Product	Version	CPE
cisco	nx-os	6.1	cpe:/o:cisco:nx-os:6.1
cisco	nx-os	6.1%281%29	cpe:/o:cisco:nx-os:6.1%281%29
cisco	nx-os	6.1%282%29	cpe:/o:cisco:nx-os:6.1%282%29
cisco	nx-os	6.1%283%29	cpe:/o:cisco:nx-os:6.1%283%29
cisco	nx-os	6.1%284%29	cpe:/o:cisco:nx-os:6.1%284%29
cisco	nx-os	6.1%284a%29	cpe:/o:cisco:nx-os:6.1%284a%29