CVE-2019-1890

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2019-1890
A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. The vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a malicious LLDP packet on the adjacent subnet to the Cisco Nexus 9000 Series Switch in ACI mode. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

3.3 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:A/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://www.securityfocus.com/bid/109052 Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass Vendor Advisory
http://www.securityfocus.com/bid/109052 Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:cisco:application_policy_infrastructure_controller:7.3\(0\)zn\(0.113\):*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*
History

21 Nov 2024, 04:37

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/109052 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/109052 - Third Party Advisory, VDB Entry
References () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass - Vendor Advisory () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-n9kaci-bypass - Vendor Advisory
Information

Published : 2019-07-04 20:15

Updated : 2024-11-21 04:37

NVD link : CVE-2019-1890

Mitre link : CVE-2019-1890

CVE.ORG link : CVE-2019-1890

JSON object : View

Products Affected

cisco

  • nexus_9348gc-fxp
  • n9k-x9732c-fx
  • nexus_9316d-gx
  • nexus_93360yc-fx2
  • nexus_93180yc-fx
  • 9736pq
  • 9536pq
  • nexus_9332c
  • nexus_92160yc-x
  • nexus_93216tc-fx2
  • nexus_9364c
  • n9k-x9736c-ex
  • nexus_93108tc-fx
  • n9k-x97160yc-ex
  • nexus_93240yc-fx2
  • n9k-x9732c-ex
  • n9k-x9564tx
  • n9k-x9432c-s
  • n9k-x9464tx2
  • application_policy_infrastructure_controller
  • n9k-x9788tc-fx
  • nexus_93180yc-ex
  • n9k-x9736c-fx
  • n9k-x9464px
  • nexus_93600cd-gx
  • n9k-x9564px
  • n9k-x9636c-rx
  • x9636q-r
  • nexus_93120tx
  • n9k-x9636c-r
  • nexus_93108tc-ex
  • 9636pq
  • 9432pq
  • nexus_9336c-fx2
CWE
CWE-284

Improper Access Control

NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024