nessus | This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof. | TENABLE_OT_CISCO_CVE-2019-1615.NASL
History: Jul 25, 2023 - 12:00 a.m.

Cisco NX-OS Software Image Signature Verification (CVE-2019-1615)

2023-07-25 00:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
3
cisco
nx-os
image signature verification
vulnerability
digital signatures
software image
threat
nexus 3000 series
nexus 9000 series
tenable.ot

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability is due to improper verification of digital signatures for software images. An attacker could exploit this vulnerability by loading an unsigned software image on an affected device. A successful exploit could allow the attacker to boot a malicious software image. Note: The fix for this vulnerability requires a BIOS upgrade as part of the software upgrade.
For additional information, see the Details section of this advisory.
Nexus 3000 Series Switches are affected when running software versions prior to 7.0(3)I7(5). Nexus 9000 Series Fabric Switches in ACI Mode are affected when running software versions prior to 13.2(1l). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected when running software versions prior to 7.0(3)I7(5). Nexus 9500 R-Series Line Cards and Fabric Modules are affected when running software versions prior to 7.0(3)F3(5).

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

# Description phase: when the plugin is loaded with 'description' set, register
# its metadata (IDs, text, CVSS vectors, CPEs, dependencies) and exit without
# running the check itself.
if (description)
{
  script_id(501423);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/26");

  script_cve_id("CVE-2019-1615");

  script_name(english:"Cisco NX-OS Software Image Signature Verification (CVE-2019-1615)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"A vulnerability in the Image Signature Verification feature of Cisco
NX-OS Software could allow an authenticated, local attacker with
administrator-level credentials to install a malicious software image
on an affected device. The vulnerability is due to improper
verification of digital signatures for software images. An attacker
could exploit this vulnerability by loading an unsigned software image
on an affected device. A successful exploit could allow the attacker
to boot a malicious software image. Note: The fix for this
vulnerability requires a BIOS upgrade as part of the software upgrade.
For additional information, see the Details section of this advisory.
Nexus 3000 Series Switches are affected running software versions
prior to 7.0(3)I7(5). Nexus 9000 Series Fabric Switches in ACI Mode
are affected running software versions prior to 13.2(1l). Nexus 9000
Series Switches in Standalone NX-OS Mode are affected running software
versions prior to 7.0(3)I7(5). Nexus 9500 R-Series Line Cards and
Fabric Modules are affected running software versions prior to
7.0(3)F3(5).

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/bid/107397");
  # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-sig-verif
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?bf14d312");
  # NOTE(review): the description above says the fix requires a BIOS upgrade as
  # part of the software upgrade, but the solution text only points at the
  # advisory. Remediation should confirm the BIOS level as well as the NX-OS
  # release.
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  # The CVSSv2 base vector carries Au:N, while the CVSSv3 base vector carries
  # PR:H and the description requires administrator-level credentials.
  # NOTE(review): presumably both vectors are copied from the CVE record named
  # in cvss_score_source below -- confirm before relying on the v2 score.
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-1615");

  # Consistent with E:F in the temporal vectors: an exploit is recorded as available.
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  # CWE-347: Improper Verification of Cryptographic Signature.
  script_cwe_id(347);

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/03/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/07/25");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  # CPE version fields are percent-encoded: %28 and %29 are '(' and ')', so
  # 7.0%283%29i7%285%29 is release 7.0(3)I7(5).
  # NOTE(review): the description says Nexus 3000/9000 are affected *prior to*
  # 7.0(3)I7(5), yet that release is itself listed as a CPE here -- confirm
  # against the vendor advisory whether it should be reported.
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:12.3%280.97%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:7.0%283%29i7%283%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:7.0%283%29i7%285%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:9.2%281%29");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # Declares tenable_ot_api_integration.nasl as a dependency and requires the
  # KB key Tenable.ot/Cisco, so the check is skipped when that key is absent.
  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Cisco");

  # Metadata is registered; nothing below this block runs in description mode.
  exit(0);
}


include('tenable_ot_cve_funcs.inc');

# Detection phase: match the Cisco asset data supplied by Tenable.ot against a
# fixed list of NX-OS CPEs and report when one matches.

# Stop unless the KB item Tenable.ot/Cisco is present.
get_kb_item_or_exit('Tenable.ot/Cisco');

# Asset data for vendor 'Cisco'; the returned structure is defined in the
# include and is not visible in this file.
var asset = tenable_ot::assets::get(vendor:'Cisco');

# Map of CPE -> version constraint. In every entry versionStartIncluding equals
# versionEndIncluding, so each entry describes one exact release, not a range.
# Version strings are percent-encoded (%28 = '(', %29 = ')').
# NOTE(review): the plugin description says releases *prior to* 7.0(3)I7(5),
# 13.2(1l) and 7.0(3)F3(5) are affected. Older releases that are not listed
# here would presumably not be flagged, so a clean result means "not one of
# these four builds" rather than "not affected" -- confirm how
# compare_and_report evaluates these fields.
# NOTE(review): 7.0(3)I7(5) is listed as vulnerable although the description
# treats it as the first unaffected release -- confirm against the vendor
# advisory; the description also notes the fix needs a BIOS upgrade, which a
# version match alone does not establish.
var vuln_cpes = {
    "cpe:/o:cisco:nx-os:7.0%283%29i7%283%29" :
        {"versionEndIncluding" : "7.0%283%29i7%283%29", "versionStartIncluding" : "7.0%283%29i7%283%29", "family" : "NXOS"},
    "cpe:/o:cisco:nx-os:9.2%281%29" :
        {"versionEndIncluding" : "9.2%281%29", "versionStartIncluding" : "9.2%281%29", "family" : "NXOS"},
    "cpe:/o:cisco:nx-os:12.3%280.97%29" :
        {"versionEndIncluding" : "12.3%280.97%29", "versionStartIncluding" : "12.3%280.97%29", "family" : "NXOS"},
    "cpe:/o:cisco:nx-os:7.0%283%29i7%285%29" :
        {"versionEndIncluding" : "7.0%283%29i7%285%29", "versionStartIncluding" : "7.0%283%29i7%285%29", "family" : "NXOS"}
};

# Compare the asset against the map and report at SECURITY_WARNING severity.
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
| Vendor | Product | Version | CPE |
| --- | --- | --- | --- |
| cisco | nx-os | 12.3%280.97%29 | cpe:/o:cisco:nx-os:12.3%280.97%29 |
| cisco | nx-os | 7.0%283%29i7%283%29 | cpe:/o:cisco:nx-os:7.0%283%29i7%283%29 |
| cisco | nx-os | 7.0%283%29i7%285%29 | cpe:/o:cisco:nx-os:7.0%283%29i7%285%29 |
| cisco | nx-os | 9.2%281%29 | cpe:/o:cisco:nx-os:9.2%281%29 |