CVE-2019-1727

{"id": "CVE-2019-1727", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 0.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}]}, "published": "2019-05-15T17:29:01.530", "references": [{"url": "http://www.securityfocus.com/bid/108341", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-pyth-escal", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/108341", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-pyth-escal", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-264"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and issue arbitrary commands to elevate the attacker's privilege level. The vulnerability is due to insufficient sanitization of user-supplied parameters that are passed to certain Python functions in the scripting sandbox of the affected device. An attacker could exploit this vulnerability to escape the scripting sandbox and execute arbitrary commands to elevate the attacker's privilege level. To exploit this vulnerability, the attacker must have local access and be authenticated to the targeted device with administrative or Python execution privileges. These requirements could limit the possibility of a successful exploit."}, {"lang": "es", "value": "Una vulnerabilidad en el subsistema scripting Python del programa NX-OS de Cisco, podr\u00eda permitir a un atacante local autorizado evadir el analizador Python y emitir comandos arbitrarios para elevar el nivel de privilegio del atacante. La vulnerabilidad es debido a la falta de saneamiento de los par\u00e1metros proporcionados por el usuario que se pasan a ciertas funciones de Python en el entorno de pruebas del dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad para escapar del entorno de pruebas y ejecutar comandos arbitrarios para escalar el nivel de privilegio del atacante. Para explotar esta vulnerabilidad, el atacante deber contar con acceso local y estar autorizado en el dispositivo de destino con privilegios administrativos o de ejecuci\u00f3n de Python. Estos requisitos podr\u00edan limitar la posibilidad de una explotaci\u00f3n con \u00e9xito"}], "lastModified": "2024-11-21T04:37:11.413", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF6977F4-3F04-4CA8-B8F4-DAB5AA03FE84", "versionEndExcluding": "8.1\\(1b\\)", "versionStartIncluding": "5.2"}, {"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4863FC5-6578-48DE-838D-E5D2EEFF27B1", "versionEndExcluding": "8.3\\(1\\)", "versionStartIncluding": "8.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A"}, {"criteria": "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "54C0D908-D7BA-48C3-9963-14A3A32A2662"}, {"criteria": "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B25B92ED-37C0-4653-9C5E-B4C13C46464C"}, {"criteria": "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2374E02D-46FE-477F-A74D-49E72149E6EC"}, {"criteria": "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C44335D8-8A78-486C-A325-9691FA4C3271"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F809C85E-BC8C-4650-B7C9-7A15315AE2BD", "versionEndExcluding": "7.0\\(3\\)i4\\(8\\)", "versionStartIncluding": "7.0\\(3\\)i4"}, {"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C340CA0D-D6E4-4978-BD4F-4D447DD8C66E", "versionEndExcluding": "7.0\\(3\\)i7\\(3\\)", "versionStartIncluding": "7.0\\(3\\)i5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB"}, {"criteria": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6"}, {"criteria": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D14D4B4E-120E-4607-A4F1-447C7BF3052E"}, {"criteria": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "15702ACB-29F3-412D-8805-E107E0729E35"}, {"criteria": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "32A532C0-B0E3-484A-B356-88970E7D0248"}, {"criteria": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "43913A0E-50D5-47DD-94D8-DD3391633619"}, {"criteria": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A8E1073F-D374-4311-8F12-AD8C72FAA293"}, {"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2"}, {"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94"}, {"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34"}, {"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C"}, {"criteria": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "97217080-455C-48E4-8CE1-6D5B9485864F"}, {"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54"}, {"criteria": "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "532CE4B0-A3C9-4613-AAAF-727817D06FB4"}, {"criteria": "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0"}, {"criteria": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "63BE0266-1C00-4D6A-AD96-7F82532ABAA7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9588B23A-8C0E-4734-AFF6-254F8A2C8AA1", "versionEndExcluding": "7.3\\(4\\)n1\\(1\\)", "versionStartIncluding": "7.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BFC8699E-81C0-4374-B827-71B3916B910D"}, {"criteria": "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "870F4379-68F6-4B34-B99B-107DFE0DBD63"}, {"criteria": "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A58223F-3B15-420B-A6D4-841451CF0380"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EF03BE3-F920-4ECD-8B28-AA0700270CD3", "versionEndExcluding": "7.3\\(3\\)d1\\(1\\)", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02E6779A-5759-4A83-B884-1B47FC124A22", "versionEndExcluding": "8.3\\(1\\)", "versionStartIncluding": "8.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3"}, {"criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}