CVE-2018-0293 - Vulnerability Details

A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device. The vulnerability is due to incorrect RBAC privilege assignment for certain CLI commands. An attacker could exploit this vulnerability by authenticating to a device as a nonadministrative user and executing specific commands from the CLI. An exploit could allow the attacker to run commands that should be restricted to administrative users. These commands could modify the configuration or boot image on the device. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd77904.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.01939.

Exploitation none

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

Cisco NX-OS unknown

affected

Version	Status	Constraints
`Cisco NX-OS unknown`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:nexus_5000:-:::::::*
	cpe:2.3:h:cisco:nexus_5010:-:::::::*
	cpe:2.3:h:cisco:nexus_5020:-:::::::*
	cpe:2.3:h:cisco:nexus_5548p:-:::::::*
	cpe:2.3:h:cisco:nexus_5548up:-:::::::*
	cpe:2.3:h:cisco:nexus_5596t:-:::::::*
	cpe:2.3:h:cisco:nexus_5596up:-:::::::*
	cpe:2.3:h:cisco:nexus_56128p:-:::::::*
	cpe:2.3:h:cisco:nexus_5624q:-:::::::*
	cpe:2.3:h:cisco:nexus_5648q:-:::::::*
	cpe:2.3:h:cisco:nexus_5672up:-:::::::*
	cpe:2.3:h:cisco:nexus_5696q:-:::::::*

Configuration 2 [-]

AND

OR	cpe:2.3:o:cisco:nx-os:7.3\(2\)n1\(0.395\):::::::*
	cpe:2.3:o:cisco:nx-os:8.1\(0.112\)s0:::::::*

OR	cpe:2.3:h:cisco:nexus_7000:-:::::::*
	cpe:2.3:h:cisco:nexus_7700:-:::::::*

Configuration 3 [-]

AND

cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:nexus_92160yc-x:-:::::::*
	cpe:2.3:h:cisco:nexus_92304qc:-:::::::*
	cpe:2.3:h:cisco:nexus_9236c:-:::::::*
	cpe:2.3:h:cisco:nexus_9272q:-:::::::*
	cpe:2.3:h:cisco:nexus_93108tc-ex:-:::::::*
	cpe:2.3:h:cisco:nexus_93120tx:-:::::::*
	cpe:2.3:h:cisco:nexus_93128tx:-:::::::*
	cpe:2.3:h:cisco:nexus_93180yc-ex:-:::::::*
	cpe:2.3:h:cisco:nexus_9332pq:-:::::::*
	cpe:2.3:h:cisco:nexus_9372px:-:::::::*
	cpe:2.3:h:cisco:nexus_9372tx:-:::::::*
	cpe:2.3:h:cisco:nexus_9396px:-:::::::*
	cpe:2.3:h:cisco:nexus_9396tx:-:::::::*
	cpe:2.3:h:cisco:nexus_9504:-:::::::*
	cpe:2.3:h:cisco:nexus_9508:-:::::::*
	cpe:2.3:h:cisco:nexus_9516:-:::::::*
	cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:::::::*
	cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:::::::*
	cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:::::::*

Configuration 4 [-]

AND

cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:nexus_172tq-xl:-:::::::*
	cpe:2.3:h:cisco:nexus_3016:-:::::::*
	cpe:2.3:h:cisco:nexus_3048:-:::::::*
	cpe:2.3:h:cisco:nexus_3064-32t:-:::::::*
	cpe:2.3:h:cisco:nexus_3064-t:-:::::::*
	cpe:2.3:h:cisco:nexus_3064-x:-:::::::*
	cpe:2.3:h:cisco:nexus_3100-v:-:::::::*
	cpe:2.3:h:cisco:nexus_31128pq:-:::::::*
	cpe:2.3:h:cisco:nexus_3132c-z:-:::::::*
	cpe:2.3:h:cisco:nexus_3132q:-:::::::*
	cpe:2.3:h:cisco:nexus_3132q-x:-:::::::*
	cpe:2.3:h:cisco:nexus_3132q-xl:-:::::::*
	cpe:2.3:h:cisco:nexus_3164q:-:::::::*
	cpe:2.3:h:cisco:nexus_3172pq:-:::::::*
	cpe:2.3:h:cisco:nexus_3172pq-xl:-:::::::*
	cpe:2.3:h:cisco:nexus_3172tq:-:::::::*
	cpe:2.3:h:cisco:nexus_3172tq-32t:-:::::::*
	cpe:2.3:h:cisco:nexus_3232c:-:::::::*
	cpe:2.3:h:cisco:nexus_3264c-e:-:::::::*
	cpe:2.3:h:cisco:nexus_3264q:-:::::::*
	cpe:2.3:h:cisco:nexus_34180yc:-:::::::*
	cpe:2.3:h:cisco:nexus_3524-x:-:::::::*
	cpe:2.3:h:cisco:nexus_3524-xl:-:::::::*
	cpe:2.3:h:cisco:nexus_3548:-:::::::*
	cpe:2.3:h:cisco:nexus_3548-x:-:::::::*
	cpe:2.3:h:cisco:nexus_3548-xl:-:::::::*
	cpe:2.3:h:cisco:nexus_3636c-r:-:::::::*
	cpe:2.3:h:cisco:nexus_c36180yc-r:-:::::::*

Configuration 5 [-]

AND

cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:nexus_6001p:-:::::::*
	cpe:2.3:h:cisco:nexus_6001t:-:::::::*

Configuration 6 [-]

AND

cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*

No data.

Project Subscriptions

Vendors	Products
Cisco Subscribe	Mds 9100 Subscribe Nexus 172tq-xl Subscribe Nexus 3016 Subscribe Nexus 3048 Subscribe Nexus 3064-32t Subscribe Nexus 3064-t Subscribe Nexus 3064-x Subscribe Nexus 3100-v Subscribe Nexus 31128pq Subscribe Nexus 3132c-z Subscribe Nexus 3132q Subscribe Nexus 3132q-x Subscribe Nexus 3132q-xl Subscribe Nexus 3164q Subscribe Nexus 3172pq Subscribe Nexus 3172pq-xl Subscribe Nexus 3172tq Subscribe Nexus 3172tq-32t Subscribe Nexus 3232c Subscribe Nexus 3264c-e Subscribe Nexus 3264q Subscribe Nexus 34180yc Subscribe Nexus 3524-x Subscribe Nexus 3524-xl Subscribe Nexus 3548 Subscribe Nexus 3548-x Subscribe Nexus 3548-xl Subscribe Nexus 3636c-r Subscribe Nexus 5000 Subscribe Nexus 5010 Subscribe Nexus 5020 Subscribe Nexus 5548p Subscribe Nexus 5548up Subscribe Nexus 5596t Subscribe Nexus 5596up Subscribe Nexus 56128p Subscribe Nexus 5624q Subscribe Nexus 5648q Subscribe Nexus 5672up Subscribe Nexus 5696q Subscribe Nexus 6001p Subscribe Nexus 6001t Subscribe Nexus 7000 Subscribe Nexus 7700 Subscribe Nexus 92160yc-x Subscribe Nexus 92304qc Subscribe Nexus 9236c Subscribe Nexus 9272q Subscribe Nexus 93108tc-ex Subscribe Nexus 93120tx Subscribe Nexus 93128tx Subscribe Nexus 93180yc-ex Subscribe Nexus 9332pq Subscribe Nexus 9372px Subscribe Nexus 9372tx Subscribe Nexus 9396px Subscribe Nexus 9396tx Subscribe Nexus 9504 Subscribe Nexus 9508 Subscribe Nexus 9516 Subscribe Nexus C36180yc-r Subscribe Nexus N9k-c9508-fm-r Subscribe Nexus N9k-x9636c-r Subscribe Nexus N9k-x9636q-r Subscribe Nx-os Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2018-1116	A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device. The vulnerability is due to incorrect RBAC privilege assignment for certain CLI commands. An attacker could exploit this vulnerability by authenticating to a device as a nonadministrative user and executing specific commands from the CLI. An exploit could allow the attacker to run commands that should be restricted to administrative users. These commands could modify the configuration or boot image on the device. This vulnerability affects MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvd77904.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://www.securityfocus.com/bid/104520
http://www.securitytracker.com/id/1041169
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac

History

Fri, 29 Nov 2024 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2018-06-20T21:00:00

Updated: 2024-11-29T15:02:28.459Z

Reserved: 2017-11-27T00:00:00

Link: CVE-2018-0293

Vulnrichment

Updated: 2024-08-05T03:21:15.268Z

NVD

Status : Modified

Published: 2018-06-20T21:29:00.343

Modified: 2024-11-21T03:37:54.813

Link: CVE-2018-0293

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Exploitation none

Automatable no

Technical Impact total

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object