-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2019.1756.3
                   Cisco NX-OS Software Vulnerabilities
                                21 May 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco NX-OS Software
Publisher:         Cisco Systems
Operating System:  Cisco
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Increased Privileges            -- Existing Account
                   Access Privileged Data          -- Existing Account
                   Overwrite Arbitrary Files       -- Existing Account
                   Cross-site Scripting            -- Existing Account
                   Unauthorised Access             -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-1813 CVE-2019-1812 CVE-2019-1811
                   CVE-2019-1809 CVE-2019-1795 CVE-2019-1791
                   CVE-2019-1790 CVE-2019-1784 CVE-2019-1783
                   CVE-2019-1782 CVE-2019-1781 CVE-2019-1780
                   CVE-2019-1779 CVE-2019-1778 CVE-2019-1776
                   CVE-2019-1775 CVE-2019-1774 CVE-2019-1770
                   CVE-2019-1769 CVE-2019-1768 CVE-2019-1767
                   CVE-2019-1735 CVE-2019-1733 CVE-2019-1732
                   CVE-2019-1731 CVE-2019-1730 CVE-2019-1729
                   CVE-2019-1727 CVE-2019-1726 

Original Bulletin: 
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-sisv2
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-file-write
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cli-bypass
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1774-1775
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1770
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1778
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1783
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmd-inject-1784
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1791
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-linecardinj-1769
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-nxapi-xss
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-psvb
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-pyth-escal
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-rpm-injec
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info

Revision History:  May 21 2019: Updated cisco-sa-20190515-nxos-bash-bypass to v1.1
                   May 17 2019: Updated cisco-sa-20190515-nxos-ssh-info to v1.1
                   May 16 2019: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-sisv2

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

CVE-2019-1811    
CVE-2019-1812    
CVE-2019-1813    

CWE-347

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o Multiple vulnerabilities in the Image Signature Verification feature of
    Cisco NX-OS Software could allow an authenticated, local attacker with
    administrator-level credentials to install a malicious software image on an
    affected device.

    The vulnerabilities exist because software digital signatures are not
    properly verified during CLI command execution. An attacker could exploit
    these vulnerabilities to install an unsigned software image on an affected
    device.

    Note: If the device has not been patched for the vulnerability previously
    disclosed in the Cisco Security Advisory cisco-sa-20190306-nxos-sig-verif ,
    a successful exploit could allow the attacker to boot a malicious software
    image.

    Cisco has released software updates that address these vulnerabilities.
    There are no workarounds that address these vulnerabilities.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-sisv2

Affected Products

  o Vulnerable Products

    These vulnerabilities affect the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    Note: For the Nexus 3000 Series Switches, only a subset of products
    supports image signature verification. The following Nexus 3000 Series
    product IDs (PIDs) are affected by these vulnerabilities:

       N3K-C31108PC-V
       N3K-C31108TC-V
       N3K-C31128PQ-10GE
       N3K-C3132C-Z
       N3K-C3164Q-40GE
       N3K-C3232C
       N3K-C3264C-E
       N3K-C3264Q
       N3K-C34180YC
       N3K-C3432D-I
       N3K-C3464C

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Determining the Cisco NX-OS Product ID

    To check the PID, administrators can use the show inventory command in the
    device CLI. The following example shows the output of the command for a
    device that has the PID N3K-C3232C :

        switch# show inventory
                NAME: "Chassis",  DESCR: "Nexus3000 C3232C Chassis"
                PID: N3K-C3232C          ,  VID: V02 ,  SN: FOC20291JA0

                NAME: "Slot 1",  DESCR: "32x40/100G QSFP28 2x10G SFP+ Ethernet Module"
                PID: N3K-C3232C          ,  VID: V02 ,  SN: FOC20291JA0

                NAME: "Power Supply 1",  DESCR: "Nexus3000 C3232C Chassis Power Supply"
                PID: NXA-PAC-650W-PI     ,  VID: V01 ,  SN: LIT20362Z6G  


    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by these vulnerabilities.

    Cisco has confirmed that these vulnerabilities do not affect the following
    Cisco products:
       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 3500 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address these vulnerabilities.

Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    Customers are advised to upgrade to an appropriate release as indicated in
    the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for these vulnerabilities.

    Note: A complete fix for these vulnerabilities requires that a proper BIOS
    version is installed. Customers who are running an affected product that is
    listed in the previously disclosed Cisco advisory
    cisco-sa-20190306-nxos-sig-verif may not have upgraded the BIOS when the
    software was installed even if they are running a fixed software release.
    Customers are advised to confirm that the BIOS is running a fixed BIOS
    version (first fixed or later) as described in the previously disclosed
    advisory .

    Nexus 3000 Series Switches: CSCvj14182 , CSCvj14106 , CSCvj14093

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    Prior to 6.0(2)              Not vulnerable
    6.0(2)                       Not vulnerable
    Prior to 7.0(3)I4            7.0(3)I7(5)
    7.0(3)I4                     7.0(3)I7(5)
    7.0(3)I5                     7.0(3)I7(5)
    7.0(3)I6                     7.0(3)I7(5)
    7.0(3)I7                     7.0(3)I7(5)
    9.2                          9.2(2)


    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvk53256 , CSCvk53227 , CSCvk53125


    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    7.0(3)F3                     7.0(3)F3(5)
    9.2                          9.2(2)


    Nexus 9000 Series Switches in Standalone NX-OS Mode: CSCvj14182 , 
    CSCvj14106 , CSCvj14093


    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    Prior to 7.0(3)I4            7.0(3)I7(5)
    7.0(3)I4                     7.0(3)I7(5)
    7.0(3)I5                     7.0(3)I7(5)
    7.0(3)I6                     7.0(3)I7(5)
    7.0(3)I7                     7.0(3)I7(5)
    9.2                          9.2(2)

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerabilities that are
    described in this advisory.

Source

  o These vulnerabilities were found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-sisv2

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Arbitrary File Overwrite Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-file-write

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds availableCisco Bug IDs:   CSCvh76022CSCvj03856

CVE-2019-1729    

CWE-20

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o 
    A vulnerability in the CLI implementation of a specific command used for
    image maintenance for Cisco NX-OS Software could allow an authenticated,
    local attacker to overwrite any file on the file system including system
    files. These file overwrites by the attacker are accomplished at the root 
    privilege level.

    The vulnerability occurs because there is no verification of user-input
    parameters and or digital-signature verification for image files when using
    a specific CLI command. An attacker could exploit this vulnerability by
    authenticating to the device and issuing a command at the CLI. Because an
    exploit could allow the attacker to overwrite any file on the disk,
    including system files, a denial of service (DoS) condition could occur.
    The attacker must have valid administrator credentials for the affected
    device to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-file-write

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh76022

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvj03856

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-file-write

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-bash-bypass

First Published: 2019 May 15 16:00 GMT

Last Updated:    2019 May 20 14:00 GMT

Version 1.1:     Final

Workarounds:     No workarounds availableCisco Bug IDs:   CSCvh76090CSCvj01472CSCvj01497

CVE-2019-1730    

CWE-264

CVSS Score:
6.0  AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:X/RL:X/RC:X

Summary

  o 
    A vulnerability in the Bash shell implementation for Cisco NX-OS Software
    could allow an authenticated, local attacker to bypass the limited command
    set of the restricted Guest Shell and execute commands at the privilege
    level of a network-admin user outside of the Guest Shell. The attacker must
    authenticate with valid administrator device credentials.

    The vulnerability is due to the incorrect implementation of a CLI command
    that allows a Bash command to be incorrectly invoked on the Guest Shell
    CLI. An attacker could exploit this vulnerability by authenticating to the
    device and entering a crafted command at the Guest Shell prompt. A
    successful exploit could allow the attacker to issue commands that should
    be restricted by a Guest Shell account.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-bash-bypass

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Details

  o In addition to the NX-OS CLI, Cisco NX-OS Software can support access to
    the Bash shell, which interprets commands that a user enters or that are
    read from a shell script. Bash enables access to and is used to manage the
    underlying Linux system on the device. In Cisco NX-OS Software, the Bash
    shell is accessible from user accounts that are associated with the Cisco
    NX-OS dev-ops role or the Cisco NX-OS network-admin role.

    For additional information, customers can refer to the Bash chapter of the
    Cisco NX-OS Programmability Guide .

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh76090

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I2              Not vulnerable
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform : 
    CSCvj01497

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Nexus 7000 and 7700 Series Switches: CSCvj01472

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   Not vulnerable
    6.2                            Not vulnerable
    7.2                            Not vulnerable
    7.3                            Not vulnerable
    8.0                            Not vulnerable
    8.1                            8.2(3)
    8.2                            8.2(3)
    8.3                            8.3(1)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-bash-bypass

Revision History

  o +---------+---------------------------+------------+--------+-------------+
    | Version |        Description        |  Section   | Status |    Date     |
    +---------+---------------------------+------------+--------+-------------+
    | 1.1     | Update the N7K fixed      | Fixed      | Final  | 2019-May-20 |
    |         | release table.            | Software   |        |             |
    +---------+---------------------------+------------+--------+-------------+
    | 1.0     | Initial public release.   | -          | Final  | 2019-May-15 |
    +---------+---------------------------+------------+--------+-------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-overflow-inj

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds availableCisco Bug IDs:   CSCvh76129CSCvh76132CSCvj00497CSCvj10162

CVE-2019-1767    
CVE-2019-1768    

CWE-119
CWE-77

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o Multiple vulnerabilities in the implementation of a specific CLI command
    for Cisco NX-OS Software could allow an authenticated, local attacker with
    administrator credentials to cause a buffer overflow condition or perform
    command injection. This could allow the attacker to execute arbitrary
    commands with elevated privileges on the underlying operating system of an
    affected device.

    The vulnerabilities are due to insufficient validation of arguments passed
    to a certain CLI command. An attacker could exploit these vulnerabilities
    by including malicious input as the argument of the affected CLI command. A
    successful exploit could allow the attacker to execute arbitrary commands
    on the underlying operating system with root privileges. An attacker would
    need valid administrator credentials to exploit these vulnerabilities.

    Cisco has released software updates that address these vulnerabilities.
    There are no workarounds that address these vulnerabilities.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-overflow-inj

Affected Products

  o Vulnerable Products

    These vulnerabilities affect the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by these vulnerabilities.

    Cisco has confirmed that these vulnerabilities do not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address these vulnerabilities.

Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for these vulnerabilities.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh76132 and CSCvh76129

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    Prior to 7.0(3)I4            7.0(3)I4(8)
    7.0(3)I4                     7.0(3)I4(8)
    7.0(3)I7                     7.0(3)I7(3)
    9.2(1)                       Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvj00497 and CSCvj10162

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    7.0(3)                       7.0(3)F3(5)
    9.2                          Not vulnerable


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerabilities that are
    described in this advisory.

Source

  o These vulnerabilities were found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-overflow-inj

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software CLI Bypass to Internal Service Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cli-bypass

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

CVE-2019-1726    

CWE-20

CVSS Score:
5.3  AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X

Summary

  o 
    A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to access internal services that should be
    restricted on an affected device, such as the NX-API.

    The vulnerability is due to insufficient validation of arguments passed to
    a certain CLI command. An attacker could exploit this vulnerability by
    including malicious input as the argument to the affected command. A
    successful exploit could allow the attacker to bypass intended restrictions
    and access internal services of the device. An attacker would need valid
    device credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cli-bypass

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       MDS 9000 Series Multilayer Switches
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    MDS 9000 Series Multilayer Switches: CSCvi99248

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    5.2                            6.2(25)
    6.2                            6.2(25)
    7.3                            8.3(2)
    8.1                            8.3(2)
    8.2                            8.3(2)
    8.3                            8.3(2)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvh24771

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I7              7.0(3)I7(3)
    7.0(3)I7                       7.0(3)I7(3)
    9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvi99250

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.0(2)A8              6.0(2)A8(11)
    6.0(2)A8                       6.0(2)A8(11)
    7.0(3)                         7.0(3)I7(3)
    9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvi99247

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         9.2(1)
    9.2                            9.2(1)

    Nexus 5500, 5600, and 6000 Series Switches: CSCvi99251

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvi99248

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   6.2(22)
    6.2                            6.2(22)
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.3(2)
    8.1                            8.3(2)
    8.2                            8.3(2)
    8.3                            8.3(2)

    UCS 6200, 6300, and 6400 Series Fabric Interconnects: CSCvi99252 and 
    CSCvn11851

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 4.0                   4.0(1d)
    4.0                            4.0(1d)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cli-bypass

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774,
CVE-2019-1775)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1774-1775

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds availableCisco Bug IDs:   CSCvh75895 CSCvh75909 CSCvh75968 CSCvh75976CSCvi92256 CSCvi92258 CSCvi92260 CSCvi99195CSCvi99197 CSCvi99198

CVE-2019-1774    
CVE-2019-1775    

CWE-78

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o Multiple vulnerabilities in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to execute arbitrary commands on the
    underlying operating system of an affected device.

    These vulnerabilities are due to insufficient validation of arguments
    passed to certain CLI commands. An attacker could exploit these
    vulnerabilities by including malicious input as the argument of an affected
    command. A successful exploit could allow the attacker to execute arbitrary
    commands on the underlying operating system with elevated privileges. An
    attacker would need valid administrator credentials to exploit these
    vulnerabilities.

    Cisco has released software updates that address these vulnerabilities.
    There are no workarounds that address these vulnerabilities.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1774-1775

Affected Products

  o Vulnerable Products

    These vulnerabilities affect the following Cisco products if they are
    running a vulnerable release of Cisco NX-OS Software:

       MDS 9000 Series Multilayer Switches
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by these vulnerabilities.

    Cisco has confirmed that these vulnerabilities do not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500K/    UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300
                               N7700 ^1                                    N6K        UCS 6400 ^
                                                                                      2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address these vulnerabilities.

Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for the vulnerabilities that are
    described in this advisory.

    MDS 9000 Series Multilayer Switches: CSCvh75895 and CSCvh75909

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    5.2                          6.2(25)
    6.2                          6.2(25)
    7.3                          8.1(1b)
    8.1                          8.1(1b)
    8.2                          8.3(1)
    8.3                          8.3(1)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvh75968 and CSCvh75976

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    Prior to 7.0(3)I4            7.0(3)I4(9)
    7.0(3)I4                     7.0(3)I4(9)
    7.0(3)I7                     7.0(3)I7(4)
    9.2(1)                       Not vulnerable

    Nexus 3500 Platform Switches: CSCvi99197 and CSCvi92258

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    Prior to 6.0(2)A8            6.0(2)A8(11)
    6.0(2)A8                     6.0(2)A8(11)
    7.0(3)I4                     7.0(3)I4(9)
    7.0(3)I7                     7.0(3)I7(4)
    9.2                          Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvi99195 and CSCvi92256

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    7.0(3)                       7.0(3)F3(5)
    9.2                          Not vulnerable

    Nexus 5500, 5600, and 6000 Series Switches: CSCvi99198 and CSCvi92260

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    Prior to 7.3                 7.3(4)N1(1)
    7.3                          7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvh75895 and CSCvh75909

    Cisco NX-OS Software Release First Fixed Release for These Vulnerabilities
    Prior to 6.2                 6.2(22)
    6.2                          6.2(22)
    7.2                          7.3(3)D1(1)
    7.3                          7.3(3)D1(1)
    8.0                          8.3(1)
    8.1                          8.3(1)
    8.2                          8.3(1)
    8.3                          8.3(1)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerabilities that are
    described in this advisory.

Source

  o These vulnerabilities were found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1774-1775

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1735

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds availableCisco Bug IDs:   CSCvj63728 CSCvj63877 CSCvk52969 CSCvk52971CSCvk52972 CSCvk52975 CSCvk52985 CSCvk52988

CVE-2019-1735    

CWE-77

CVSS Score:
4.4  AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to execute arbitrary commands with elevated
    privileges on the underlying operating system of an affected device.

    The vulnerability is due to insufficient validation of arguments passed to
    certain CLI commands. An attacker could exploit this vulnerability by
    including malicious input as the argument of an affected command. A
    successful exploit could allow the attacker to execute arbitrary commands
    on the underlying operating system with elevated privileges. An attacker
    would need valid user credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1735

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       MDS 9000 Series Multilayer Switches
       Nexus 1000 Virtual Edge
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500K/    UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300
                               N7700 ^1                                    N6K        UCS 6400 ^
                                                                                      2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    MDS 9000 Series Multilayer Switches: CSCvj63728

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 8.3                   8.3(1)
    8.3                            8.3(1)

    Nexus 1000 Virtual Edge: CSCvk52969

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    5.2                            5.2(1)SV5(1.1)

    Nexus 1000V Switch for Microsoft Hyper-V: CSCvk52985

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 5.2                   No fix available
    5.2                            No fix available

    Nexus 1000V Switch for VMware vSphere: CSCvk52969

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 5.2                   5.2(1)SV3(4.1a)
    5.2                            5.2(1)SV3(4.1a)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvj63877

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(6)
    9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvk52971

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.0(2)A8              6.0(2)A8(11)
    6.0(2)A8                       6.0(2)A8(11)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(6)
    9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvk52988

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Nexus 5500 and 5600 Platform Switches and 6000 Series Switches: CSCvk52972

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvj63728

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   6.2(22)
    6.2                            6.2(22)
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.3(1)
    8.1                            8.3(1)
    8.2                            8.3(1)
    8.3                            8.3(1)

    UCS 6200, 6300, and 6400 Series Fabric Interconnects: CSCvk52975

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 4.0                   4.0(2a)
    4.0                            4.0(2a)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1735

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1770)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1770

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

CVE-2019-1770    

CWE-78

CVSS Score:
4.2  AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X

Summary

  o 
    A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker with administrator credentials to execute
    arbitrary commands on the underlying Linux operating system with the
    privilege level of root .

    The vulnerability is due to insufficient validation of arguments passed to
    a specific CLI command on the affected device. An attacker could exploit
    this vulnerability by including malicious input as the argument of an
    affected command. A successful exploit could allow the attacker to execute
    arbitrary commands on the underlying Linux operating system with elevated
    privileges. An attacker would need valid administrator credentials to
    exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1770

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500K/    UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300
                               N7700 ^1                                    N6K        UCS 6400 ^
                                                                                      2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 1000V Switch for Microsoft Hyper-V: CSCvk36294

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 5.2                   5.2(1)SM3(2.1)
    5.2                            5.2(1)SM3(2.1)


    Nexus 1000V Switch for VMware vSphere: CSCvi92240
     

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 5.2                   5.2(1)SV3(4.1)
    5.2                            5.2(1)SV3(4.1)


    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvh75958

     

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvi92242

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.0(2)A8              6.0(2)A8(11)
    6.0(2)A8                       6.0(2)A8(11)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvi92239

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Nexus 5500, 5600, and 6000 Series Switches: CSCvi92243

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvh75867

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   6.2(22)
    6.2                            6.2(22)
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.2(3)
    8.1                            8.2(3)
    8.2                            8.2(3)
    8.3                            8.3(1)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1770

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1776

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

CVE-2019-1776    

CWE-78

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o 
    A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to execute arbitrary commands on the
    underlying Linux operating system with a privilege level of root .

    The vulnerability is due to insufficient validation of arguments passed to
    a specific CLI command on the affected device. An attacker could exploit
    this vulnerability by including malicious input as the argument of an
    affected command. A successful exploit could allow the attacker to execute
    arbitrary commands on the underlying Linux operating system with elevated
    privileges. An attacker would need valid administrator credentials to
    exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1776

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       MDS 9000 Series Multilayer Switches
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500K/    UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300
                               N7700 ^1                                    N6K        UCS 6400 ^
                                                                                      2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    MDS 9000 Series Multilayer Switches: CSCvh20081

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior 8.2                      8.2(2)
    8.2                            8.2(2)
    8.3                            8.3(1)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvh20076

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches:  CSCvi96431

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.0(2)A8              6.0(2)A8(11)
    6.0(2)A8                       6.0(2)A8(11)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvi96429

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Nexus 5500, 5600, and 6000 Series Switches: CSCvi96432

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(5)N1(1)
    7.3                            7.3(5)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvh20081

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.2(2)
    8.1                            8.2(2)
    8.2                            8.2(2)
    8.3                            8.3(1)

    UCS 6200 and 6300 Series Fabric Interconnects:  CSCvi96433

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 4.0                   4.0(1a)
    4.0                            4.0(1a)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1776

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1778

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds availableCisco Bug IDs:   CSCvh75996CSCvj03877

CVE-2019-1778    

CWE-78

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o 
    A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to execute arbitrary commands on the
    underlying Linux operating system with the privilege level of root .

    The vulnerability is due to insufficient validation of arguments passed to
    a specific CLI command on the affected device. An attacker could exploit
    this vulnerability by including malicious input as the argument of an
    affected command. A successful exploit could allow the attacker to execute
    arbitrary commands on the underlying Linux operating system with elevated
    privileges. An attacker would need valid administrator credentials to
    exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1778

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500K/    UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300
                               N7700 ^1                                    N6K        UCS 6400 ^
                                                                                      2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh75996

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable


    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvj03877


    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1778

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1783)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1783

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds availableCisco Bug IDs:   CSCvi42281CSCvj03966

CVE-2019-1783    

CWE-77

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o 
    A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker with administrator credentials to execute
    arbitrary commands on the underlying Linux operating system with the
    privilege level of root .

    The vulnerability is due to insufficient validation of arguments passed to
    a specific CLI command on the affected device. An attacker could exploit
    this vulnerability by including malicious input as the argument of an
    affected command. A successful exploit could allow the attacker to execute
    arbitrary commands on the underlying Linux operating system with elevated
    privileges. An attacker would need valid administrator credentials to
    exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1783

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500K/    UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300
                               N7700 ^1                                    N6K        UCS 6400 ^
                                                                                      2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 5500, 5600, and 6000 Series Switches: CSCvj03966

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvi42281

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.3(1)
    8.1                            8.3(1)
    8.2                            8.3(1)
    8.3                            8.3(1)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1783

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmd-inject-1784

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds availableCisco Bug IDs:   CSCvi42292CSCvj12273CSCvj12274

CVE-2019-1784    

CWE-77

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o 
    A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker to execute arbitrary commands on the
    underlying Linux operating system with the privilege level of root .

    The vulnerability is due to insufficient validation of arguments passed to
    a specific CLI command on the affected device. An attacker could exploit
    this vulnerability by including malicious input as the argument of an
    affected command. A successful exploit could allow the attacker to execute
    arbitrary commands on the underlying Linux operating system with elevated
    privileges. An attacker would need valid administrator credentials to
    exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmd-inject-1784

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500K/    UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300
                               N7700 ^1                                    N6K        UCS 6400 ^
                                                                                      2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 5500, 5600, and 6000 Series Switches: CSCvj12273

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(5)N1(1)
    7.3                            7.3(5)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvi42292

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   7.3(3)D1(1)
    6.2                            7.3(3)D1(1)
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.2(3)
    8.1                            8.2(3)
    8.2                            8.2(3)
    8.3                            8.3(1)

    UCS 6200 and 6300 Series Fabric Interconnects: CSCvj12274

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 4.0                   4.0(1a)
    4.0                            4.0(1a)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmd-inject-1784

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1790

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds availableCisco Bug IDs:   CSCvh20096CSCvh20112CSCvi96504CSCvi96509CSCvi96510

CVE-2019-1790    

CWE-77

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker with valid administrator credentials to
    execute arbitrary commands on the underlying operating system of an
    affected device.

    The vulnerability is due to insufficient validation of arguments passed to
    certain CLI commands. An attacker could exploit this vulnerability by
    including malicious input as the argument of an affected command. A
    successful exploit could allow the attacker to execute arbitrary commands
    on the underlying operating system with elevated privileges. An attacker
    would need valid administrator credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1790

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       MDS 9000 Series Multilayer Switches
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500K/    UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300
                               N7700 ^1                                    N6K        UCS 6400 ^
                                                                                      2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    MDS 9000 Series Multilayer Switches: CSCvh20112

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    5.2                            6.2(25)
    6.2                            6.2(25)
    7.3                            8.1(1b)
    8.1                            8.1(1b)
    8.2                            8.2(3)
    8.3                            8.3(1)

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh20096

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(8)
    7.0(3)I4                       7.0(3)I4(8)
    7.0(3)I7                       7.0(3)I7(3)
    9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvi96504

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Nexus 5500 and 5600 Platform Switches and 6000 Series Switches: CSCvi96509

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvh20112

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   6.2(22)
    6.2                            6.2(22)
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.2(3)
    8.1                            8.2(3)
    8.2                            8.2(3)
    8.3                            8.3(1)

    UCS 6200 and 6300 Series Fabric Interconnects: CSCvi96510

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 4.0                   4.0(1a)
    4.0                            4.0(1a)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1790

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-cmdinj-1791

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds availableCisco Bug IDs:   CSCvj63270CSCvj63667CSCvk50873CSCvk50876CSCvk50889

CVE-2019-1791    

CWE-77

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker with administrator credentials to execute
    arbitrary commands with elevated privileges on the underlying operating
    system of an affected device.

    The vulnerability is due to insufficient validation of arguments passed to
    certain CLI commands. An attacker could exploit this vulnerability by
    including malicious input as the argument of an affected command. A
    successful exploit could allow the attacker to execute arbitrary commands
    on the underlying operating system with elevated privileges. An attacker
    would need valid administrator credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1791

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       MDS 9000 Series Multilayer Switches
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500K/    UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300
                               N7700 ^1                                    N6K        UCS 6400 ^
                                                                                      2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    MDS 9000 Series Multilayer Switches: CSCvj63667

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    5.2                            6.2(25)
    6.2                            6.2(25)
    7.3                            8.2(3)
    8.1                            8.2(3)
    8.2                            8.2(3)
    8.3                            8.3(1)

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvj63270

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(6)
    9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvk50873

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.0(2)A8              6.0(2)A8(11)
    6.0(2)A8                       6.0(2)A8(11)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(6)
    9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvk50889

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Nexus 5500 and 5600 Platform Switches and 6000 Series Switches: CSCvk50876

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches: CSCvj63667

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   6.2(22)
    6.2                            6.2(22)
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.2(3)
    8.1                            8.2(3)
    8.2                            8.2(3)
    8.3                            8.3(1)

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-cmdinj-1791

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Line Card Command Injection Vulnerability (CVE-2019-1769)

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-linecardinj-1769

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvh20032CSCvj00299

CVE-2019-1769    

CWE-78

CVSS Score:
6.7  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o 
    A vulnerability in the CLI of Cisco NX-OS Software could allow an
    authenticated, local attacker with administrator credentials to execute
    arbitrary commands on the underlying Linux operating system of an attached
    line card with the privilege level of root .

    The vulnerability is due to insufficient validation of arguments passed to
    a specific CLI command on the affected device. An attacker could exploit
    this vulnerability by including malicious input as the argument of an
    affected command. A successful exploit could allow the attacker to execute
    arbitrary commands on the underlying Linux operating system of an attached
    line card with elevated privileges. An attacker would need valid
    administrator credentials to exploit this vulnerability.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-linecardinj-1769

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Details

  o Cisco has disclosed several similar CLI command injection vulnerabilities.
    They differ primarily in affected products and software versions. This
    table shows the affected products for each vulnerability by Cisco bug ID
    and CVE ID.

    Security        FP 4100/   MDS 9K/    N1000V     N3K/N3500/ N3600/     N5500K/    UCS 6200/
    Advisory        9300       N7K/       MS/VM      N9K-NXOS   N9500R     N5600/     UCS 6300
                               N7700 ^1                                    N6K        UCS 6400 ^
                                                                                      2
    Cisco NX-OS     N/A        CSCvj63728 CSCvk52969 CSCvj63877 CSCvk52988 CSCvk52972 CSCvk52975
    Software                              CSCvk52985 CSCvk52971
    Command
    Injection
    Vulnerability
    (CVE-2019-1735)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh20032 CSCvj00299 N/A        N/A
    Software Line
    Card Command
    Injection
    Vulnerability
    (CVE-2019-1769)
    Cisco NX-OS     N/A        CSCvh75867 CSCvi92240 CSCvh75958 CSCvi92239 CSCvi92243 N/A
    Software                   ^1         CSCvk36294 CSCvi92242
    Command
    Injection
    Vulnerability
    (CVE-2019-1770)
    Cisco NX-OS     N/A        CSCvh75895 N/A        CSCvh75968 CSCvi99195 CSCvi99198 N/A
    Software                   CSCvh75909            CSCvh75976 CSCvi92256 CSCvi92260
    Command                                          CSCvi99197
    Injection                                        CSCvi92258
    Vulnerabilities
    (CVE-2019-1774,
    CVE-2019-1775)
    Cisco NX-OS     N/A        CSCvh20081 N/A        CSCvh20076 CSCvi96429 CSCvi96432 CSCvi96433
    Software                                         CSCvi96431                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1776)
    Cisco NX-OS     N/A        N/A        N/A        CSCvh75996 CSCvj03877 N/A        N/A
    Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1778)
    Cisco FXOS and  CSCvj00418 CSCve51688 N/A        CSCvh76126 CSCvj00412 CSCvj00416 N/A
    NX-OS Software
    Command
    Injection
    Vulnerability
    (CVE-2019-1779)
    Cisco FXOS and  CSCvi92332 CSCvi01440 N/A        CSCvi01431 CSCvi92326 CSCvi92329 N/A
    NX-OS Software                                   CSCvi92328
    Command
    Injection
    Vulnerability
    (CVE-2019-1780)
    Cisco FXOS and  CSCvi96527 CSCvi01448 N/A        CSCvi01445 CSCvi96522 CSCvi96525 CSCvi96526
    NX-OS Software  CSCvi92130 CSCvh20389            CSCvh20027 CSCvi91985 CSCvi92128 ^2
    Command                                          CSCvi96524                       CSCvi92129
    Injection                                        CSCvi92126                       ^2
    Vulnerabilities
    (CVE-2019-1781,
    CVE-2019-1782)
    Cisco NX-OS     N/A        CSCvi42281 N/A        N/A        N/A        CSCvj03966 N/A
    Software                   ^1
    Command
    Injection
    Vulnerability
    (CVE-2019-1783)
    Cisco NX-OS     N/A        CSCvi42292 N/A        N/A        N/A        CSCvj12273 CSCvj12274
    Software                   ^1                                                     ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1784)
    Cisco NX-OS     N/A        CSCvh20112 N/A        CSCvh20096 CSCvi96504 CSCvi96509 CSCvi96510
    Software                                                                          ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1790)
    Cisco NX-OS     N/A        CSCvj63667 N/A        CSCvj63270 CSCvk50889 CSCvk50876 N/A
    Software                                         CSCvk50873
    Command
    Injection
    Vulnerability
    (CVE-2019-1791)
    Cisco FXOS and  CSCvh66259 CSCvh20359 CSCvh66257 CSCvh20029 CSCvh66202 CSCvh66214 CSCvh66243
    NX-OS Software                        CSCvk30761 CSCvh66219                       ^2
    Command
    Injection
    Vulnerability
    (CVE-2019-1795)

    1. CSCvh75867, CSCvi42281, and CSCvi42292 apply to only Nexus 7000 Series
    and Nexus 7700 Series Switches. The MDS 9000 Series Multilayer Switches are
    not affected by these vulnerabilities.
    2. CSCvk52975 applies to UCS 6200, 6300, and 6400. For all other UCS
    defects, only UCS 6200 and 6300 are affected (and UCS 6400 is not
    affected).

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh20032

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I7              7.0(3)I7(6)
    7.0(3)I7                       7.0(3)I7(6)
    9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvj00299

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-linecardinj-1769

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software NX-API Sandbox Cross-Site Scripting Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-nxapi-xss

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds availableCisco Bug IDs:   CSCvj14814

CVE-2019-1733    

CWE-79

CVSS Score:
5.4  AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:X/RL:X/RC:X

Summary

  o 
    A vulnerability in the NX API (NX-API) Sandbox interface for Cisco NX-OS
    Software could allow an authenticated, remote attacker to conduct a
    cross-site scripting (XSS) attack against a user of the NX-API Sandbox
    interface of an affected device.

    The vulnerability is due to insufficient validation of user-supplied input
    by the NX-API Sandbox interface. An attacker could exploit this
    vulnerability by persuading a user of the NX-API Sandbox interface to click
    a crafted link. A successful exploit could allow the attacker to execute
    arbitrary script code in the context of the affected NX-API Sandbox
    interface.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-nxapi-xss

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       Nexus 9500 R-Series Switching Platform
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches , and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvj14814

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I2              Not vulnerable
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

Action Links for This Advisory

  o Understanding Cross-Site Scripting (XSS) Threat Vectors

Related to This Advisory

  o Cross-Site Scripting

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-nxapi-xss

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Patch Signature Verification Bypass Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-psvb

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds availableCisco Bug IDs:   CSCvi42264CSCvj12239

CVE-2019-1809    

CWE-347

CVSS Score:
6.4  AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the Image Signature Verification feature of Cisco NX-OS
    Software could allow an authenticated, local attacker with
    administrator-level credentials to install a malicious software patch on an
    affected device.

    The vulnerability is due to improper verification of digital signatures for
    patch images. An attacker could exploit this vulnerability by crafting an
    unsigned software patch to bypass signature checks and loading it on an
    affected device. A successful exploit could allow the attacker to boot a
    malicious software patch image.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-psvb

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       MDS 9700 Series Multilayer Directors ^ 1
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects

        1. For the MDS products, only the MDS 9700 Series Multilayer Directors
        are affected by this vulnerability. All other MDS 9000 Series
        Multilayer Switches are not vulnerable.

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches (except MDS 9700) ^ 1
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform
       UCS 6400 Series Fabric Interconnects

        1. For the MDS products, only the MDS 9700 Series Multilayer Directors
        are affected by this vulnerability. All other MDS 9000 Series
        Multilayer Switches are not vulnerable.

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    MDS 9700 Series Multilayer Directors: CSCvi42264

    Cisco NX-OS Software First Fixed Release for This
    Release              Vulnerability
    5.2                  Not vulnerable
    6.2                  Not vulnerable
    7.3                  8.1(1a)
    8.1                  8.1(1a)
    8.2                  8.3(1)
    8.3                  Not vulnerable


    Nexus 7000 and 7700 Series Switches: CSCvi42264


    Cisco NX-OS Software First Fixed Release for This
    Release              Vulnerability
    Prior to 6.2         Not vulnerable
    6.2                  Not vulnerable
    7.2                  7.3(3)D1(1)
    7.3                  7.3(3)D1(1)
    8.0                  8.2(3)
    8.1                  8.2(3)
    8.2                  8.2(3)
    8.3                  Not vulnerable


    UCS 6200 and 6300 Fabric Interconnects: CSCvj12239


    Cisco NX-OS Software First Fixed Release for This
    Release              Vulnerability
    Prior to 3.1         Not vulnerable
    3.1                  3.2(3k)
    3.2                  3.2(3k)
    4.0                  Not vulnerable

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-psvb

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Python Parser Privilege Escalation Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-pyth-escal

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds availableCisco Bug IDs:   CSCvh24788CSCvi99282CSCvi99284CSCvi99288

CVE-2019-1727    

CWE-264

CVSS Score:
4.2  AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X

Summary

  o 
    A vulnerability in the Python scripting subsystem of Cisco NX-OS Software
    could allow an authenticated, local attacker to escape the Python parser
    and issue arbitrary commands to elevate the attacker's privilege level.

    The vulnerability is due to insufficient sanitization of user-supplied
    parameters that are passed to certain Python functions in the scripting
    sandbox of the affected device. An attacker could exploit this
    vulnerability to escape the scripting sandbox and execute arbitrary
    commands to elevate the attacker's privilege level.

    To exploit this vulnerability, the attacker must have local access and be
    authenticated to the targeted device with administrative or Python
    execution privileges. These requirements could limit the possibility of a
    successful exploit.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-pyth-escal

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       MDS 9000 Series Multilayer Switches
       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address this vulnerability. However, an
    administrator can reduce exposure to this vulnerability by ensuring that
    only highly trusted users are allowed to access the Python sandbox.

Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    MDS 9000 Series Multilayer Switches: CSCvi99284

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    5.2                            8.1(1b)
    6.2                            8.1(1b)
    7.3                            8.1(1b)
    8.1                            8.1(1b)
    8.2                            8.3(1)
    8.3                            8.3(1)

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches , and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvh24788

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(8)
    7.0(3)I4                       7.0(3)I4(8)
    7.0(3)I5                       7.0(3)I7(3)
    7.0(3)I6                       7.0(3)I7(3)
    7.0(3)I7                       7.0(3)I7(3)
    9.2(1)                         Not vulnerable


    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform :
    CSCvi99282


    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable


    Nexus 5500, 5600, and 6000 Series Switches: CSCvi99288


    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)

    Nexus 7000 and 7700 Series Switches:  CSCvi99284

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.2                   Not vulnerable
    6.2                            7.3(3)D1(1)
    7.2                            7.3(3)D1(1)
    7.3                            7.3(3)D1(1)
    8.0                            8.3(1)
    8.1                            8.3(1)
    8.2                            8.3(1)
    8.3                            8.3(1)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-pyth-escal

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software Remote Package Manager Command Injection Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-rpm-injec

First Published: 2019 May 15 16:00 GMT

Version 1.0:     Final

Workarounds:     No workarounds availableCisco Bug IDs:   CSCvi01453CSCvj00550

CVE-2019-1732    

CWE-78

CVSS Score:
6.4  AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Summary

  o A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco
    NX-OS Software could allow an authenticated, local attacker with
    administrator credentials to leverage a time-of-check, time-of-use (TOCTOU)
    race condition to corrupt local variables, which could lead to arbitrary
    command injection.

    The vulnerability is due to the lack of a proper locking mechanism on
    critical variables that need to stay static until used. An attacker could
    exploit this vulnerability by authenticating to an affected device and
    issuing a set of RPM-related CLI commands. A successful exploit could allow
    the attacker to perform arbitrary command injection. The attacker would
    need administrator credentials for the targeted device.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-rpm-injec

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerability
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 3000 Series Switches, Nexus 3500 Platform Switches, and Nexus 9000
    Series Switches in Standalone NX-OS Mode: CSCvi01453

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvj00550

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-rpm-injec

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  |        Description        | Section  | Status |     Date     |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2019-May-15  |
    +----------+---------------------------+----------+--------+--------------+

- -------------------------------------------------------------------------------

Cisco NX-OS Software SSH Key Information Disclosure Vulnerability

Priority:        Medium

Advisory ID:     cisco-sa-20190515-nxos-ssh-info

First Published: 2019 May 15 16:00 GMT

Last Updated:    2019 May 16 15:49 GMT

Version 1.1:     Final

Workarounds:     No workarounds available

Cisco Bug IDs:   CSCvh76123CSCvj01385CSCvj01386CSCvj01393

CVE-2019-1731    

CWE-200

CVSS Score:
5.1  AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N/E:X/RL:X/RC:X

Summary

  o 
    A vulnerability in the SSH CLI key management functionality of Cisco NX-OS
    Software could allow an authenticated, local attacker to expose a user's
    private SSH key to all authenticated users on the targeted device. The
    attacker must authenticate with valid administrator device credentials.

    The vulnerability is due to incomplete error handling if a specific error
    type occurs during the SSH key export. An attacker could exploit this
    vulnerability by authenticating to the device and entering a crafted
    command at the CLI. A successful exploit could allow the attacker to expose
    a user's private SSH key. In addition, a similar type of error in the SSH
    key import could cause the passphrase-protected private SSH key to be
    imported unintentionally.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-ssh-info

Affected Products

  o Vulnerable Products

    This vulnerability affects the following Cisco products if they are running
    a vulnerable release of Cisco NX-OS Software:

       Nexus 3000 Series Switches
       Nexus 3500 Platform Switches
       Nexus 3600 Platform Switches
       Nexus 5500 Platform Switches
       Nexus 5600 Platform Switches
       Nexus 6000 Series Switches
       Nexus 9000 Series Switches in standalone NX-OS mode
       Nexus 9500 R-Series Switching Platform

    For information about which Cisco NX-OS Software releases are vulnerable,
    see the Fixed Software section of this advisory.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

    Cisco has confirmed that this vulnerability does not affect the following
    Cisco products:

       Firepower 2100 Series
       Firepower 4100 Series
       Firepower 9300 Security Appliances
       MDS 9000 Series Multilayer Switches
       Nexus 1000V Switch for Microsoft Hyper-V
       Nexus 1000V Switch for VMware vSphere
       Nexus 7000 Series Switches
       Nexus 7700 Series Switches
       Nexus 9000 Series Fabric Switches in Application Centric Infrastructure
        (ACI) mode
       UCS 6200 Series Fabric Interconnects
       UCS 6300 Series Fabric Interconnects
       UCS 6400 Series Fabric Interconnects

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o Cisco has released free software updates that address the vulnerabilities
    described in this advisory. Customers may only install and expect support
    for software versions and feature sets for which they have purchased a
    license. By installing, downloading, accessing, or otherwise using such
    software upgrades, customers agree to follow the terms of the Cisco
    software license: https://www.cisco.com/c/en/us/products/
    end-user-license-agreement.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page , to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
    /en/us/support/web/tsd-cisco-worldwide-contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed Releases

    No upgrade action is necessary for customers who have already applied a
    recommended release to address the March 2019 Cisco FXOS and NX-OS Software
    bundle. See Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software
    Security Advisory Bundled Publication for a list of advisories in the
    bundle.

    Customers who have not applied a recommended release to address the March
    2019 bundle are advised to upgrade to an appropriate release as indicated
    in the applicable table in this section. In the following tables, the left
    column lists Cisco NX-OS Software releases. The right column indicates the
    first release that includes the fix for this vulnerability.

    Nexus 3000 Series Switches and Nexus 9000 Series Switches in Standalone
    NX-OS Mode: CSCvh76123

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.0(3)I4              7.0(3)I4(9)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2(1)                         Not vulnerable

    Nexus 3500 Platform Switches: CSCvj01385

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 6.0(2)A8              6.0(2)A8(10)
    6.0(2)A8                       6.0(2)A8(10)
    7.0(3)I4                       7.0(3)I4(9)
    7.0(3)I7                       7.0(3)I7(4)
    9.2                            Not vulnerable

    Nexus 3600 Platform Switches and Nexus 9500 R-Series Switching Platform: 
    CSCvj01393

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    7.0(3)                         7.0(3)F3(5)
    9.2                            Not vulnerable

    Nexus 5500, 5600, and 6000 Series Switches: CSCvj01386

    Cisco NX-OS Software Release   First Fixed Release for This Vulnerability
    Prior to 7.3                   7.3(4)N1(1)
    7.3                            7.3(4)N1(1)


    Additional Resources

    For help determining the best Cisco NX-OS Software release for a Cisco
    Nexus Switch, administrators can refer to the following Recommended
    Releases documents. If a security advisory recommends a later release,
    Cisco recommends following the advisory guidance.

        Cisco MDS Series Switches
        Cisco Nexus 1000V for VMware Switch
        Cisco Nexus 3000 Series and 3500 Series Switches
        Cisco Nexus 5000 Series Switches
        Cisco Nexus 5500 Platform Switches
        Cisco Nexus 6000 Series Switches
        Cisco Nexus 7000 Series Switches
        Cisco Nexus 9000 Series Switches
        Cisco Nexus 9000 Series ACI-Mode Switches

    For help determining the best Cisco NX-OS Software release for Cisco UCS,
    refer to the Recommended Releases documents in the release notes for the
    device.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy . This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20190515-nxos-ssh-info

Revision History

  o +---------+-----------------------------+----------+--------+-------------+
    | Version |         Description         | Section  | Status |    Date     |
    +---------+-----------------------------+----------+--------+-------------+
    |         | Fixed an error in the Fixed |          |        |             |
    | 1.1     | Release table for the Nexus | Fixed    | Final  | 2019-May-16 |
    |         | 3000 Series Switches and    | Software |        |             |
    |         | Nexus 9000 Series Switches. |          |        |             |
    +---------+-----------------------------+----------+--------+-------------+
    | 1.0     | Initial public release.     | -        | Final  | 2019-May-15 |
    +---------+-----------------------------+----------+--------+-------------+

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXOMu/WaOgq3Tt24GAQi1dhAAzXY08ywcmGb1UOebfJKE2pTDt7q+L1kI
bv457IRlINxyiPhVOvbEA3C5mav9goEeFKKBmCVzkxLM42klL9PBzzquLOEHI4sa
OWuRLxBqrfijN9vmsZdNkfZrIpk02/DBazgb0tZW6UC/e2e88XJu9vQgeK3jW3ii
jtYl8J1p0Join31HZNTBFwg4EAzxoHv3Jge84nqXc7BdRyIAWHxJ8VOOVl75gdmZ
1306bN6d86WdlJmqYtoSOHf82NQvh/NB2etees/gxkWZpEn4vBQcCuw4xsajQ0Cz
LPRm1LIZKPaNGfyB6Uf+vIZ6PoNYWqVXmrD+jo7kS9dUNGPjna9NUorv57wMUhW/
XIK/6xyiSx0n2B9IU2OaDsqldy+WL0JecyFu1Qw3zk2LZRGqdZ22YfwwIP3m0RSY
zr4S+6b6qs26hYxWL1iPWt4hrltsC2zTaCX/+1vomluYYzzz7W1iNQ4Y0xG2T1og
oWAAxYNCM/2iqoFLMEJVGeOaPcxrgfCSzJzuHRRw6o347H4qMKeeBIQeo/Pwu2Wo
WNfN2r1NPEZpbh99K0ialVF5uqs5BDlazC4VANFvlnI93bQC0R94dgGWmt84R83h
chM/8GnVaNsSviejP3HHf6XGzRACfxBdZXvj6hYspBG7PWQZoDM+jsQZSrwWY9Fu
sxxGBUswuA4=
=Gcc1
-----END PGP SIGNATURE-----