{"containers": {"cna": {"affected": [{"product": "Cisco NX-OS Software 6.0(2)A1(1)", "vendor": "Cisco", "versions": [{"lessThan": "n/a", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2019-09-25T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-347", "description": "CWE-347", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-09-25T20:16:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20190925 Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman"}], "source": {"advisory": "cisco-sa-20190925-vman", "defect": [["CSCve53538", "CSCve93259", "CSCvg14195"]], "discovery": "INTERNAL"}, "title": "Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2019-09-25T16:00:00-0700", "ID": "CVE-2019-12662", "STATE": "PUBLIC", "TITLE": "Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco NX-OS Software 6.0(2)A1(1)", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "impact": {"cvss": {"baseScore": "6.7", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-347"}]}]}, "references": {"reference_data": [{"name": "20190925 Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman"}]}, "source": {"advisory": "cisco-sa-20190925-vman", "defect": [["CSCve53538", "CSCve93259", "CSCvg14195"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T23:24:39.366Z"}, "title": "CVE Program Container", "references": [{"name": "20190925 Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-12662", "datePublished": "2019-09-25T20:16:01.772896Z", "dateReserved": "2019-06-04T00:00:00", "dateUpdated": "2024-09-16T19:00:31.827Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", "matchCriteriaId": "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "AB556839-151C-492E-B4C3-C024276D5AB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(1\\)s5:*:*:*:*:*:*:*", "matchCriteriaId": "C4C0438A-0275-49B1-91BF-437917F3A4BF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:8.1\\(0\\)bd\\(0.20\\):*:*:*:*:*:*:*", "matchCriteriaId": "F66360CD-CCCF-4DE7-86F1-996175B4503C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", "matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", "matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", "matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", "matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", "matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", "matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", "matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", "matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", "matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3016_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "59C91269-1657-4181-9B95-BDF85BFFFCD6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", "matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3048_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DF530AE3-F80B-40EC-9259-4771EEAD431D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3064_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "77E6A0BD-102F-40C6-BD9A-1986D6F58212", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", "matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3064-t_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD7A2723-6526-430C-BD39-9E32B1F37DBB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_31108pc-v_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A8D71782-16F9-41C9-BC10-BC514FD26129", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_31108tc-v_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "17E769CD-8F81-40AE-A071-84FAF92AF5C4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_31128pq_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "AB914738-4557-4EC3-8A18-810862877C72", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3132c-z_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C7A4072-9F8B-4374-9F8A-B660220765FA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", "matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3132q_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "092FC6ED-9F53-41FF-9E0F-997D84B6DE3A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", "matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3132q-v_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A288C8F3-AD77-46CC-BAD2-D8FC186D6CC6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3132q-xl_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C735F2C0-DC4D-45DE-8BA9-439BAE5CFD67", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3164q_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7187F85E-FEBE-4D55-AC48-E92F05734169", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3172_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CEA0B58-FE79-4A33-B812-51CDE327A235", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", "matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3172pq-xl_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D8030D5E-1BF4-485C-AFB7-B8DB48E0B91A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3172tq_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "16FB3414-3C5F-4827-B4F2-CF30EC31E0C9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", "matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3172tq-32t_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "45B4711C-322E-4B7B-8810-04BA8249B8BD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3172tq-xl_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3EE63209-E1F9-4933-8729-E350ADE42793", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3232c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE0C6AB3-480D-46F6-BE72-0B0010EC34CB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", "matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3264c-e_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9329DC07-0B6F-467C-AAA0-527D97E956B6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3264q_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9C944B9-9492-45AA-9A4E-9CD6C996AF4D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", "matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3408-s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7AAC2930-4A1A-4916-912F-953440AA009A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_34180yc_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E2125C9A-7524-408C-B92E-91162FD4D72F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_34200yc-sm_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "87F885B6-7049-4152-B74C-6444137B4662", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3432d-s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B24EC0B3-E3FC-4908-AC7E-2E3DE073DC06", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3464c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C9FFFDC6-BE3D-4E2D-B6F2-FD191DE4F9B7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", "matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3524_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "502C8ADB-7EF2-4AC5-ACF0-AEA1ADA7A6BE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", "matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3524-x_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7ED5FBF-F5DF-4788-8683-E328D86E8733", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3524-xl_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "186CB256-39AE-4D5A-B3FB-891A17785176", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3548_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B0DAE9A-F2D3-49C3-8488-A3A03C1CEB57", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", "matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3548-x_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "029F0A5A-43E4-4F3A-98A3-81E924CBE700", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_3548-xl_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD53F341-AE7D-4E45-9746-DAC32FE9F570", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_5548p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C3A80F37-C04C-43A5-AC12-E15BAB8545F5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_5548up_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "725A7AC7-8B75-47BC-8D99-701250E0ABE7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_5596t_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1E8B8C6-29B2-402E-A722-1E95C01E14AD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", "matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_5596up_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A39FB96C-94E1-4686-82A7-E0A6D88A5A08", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_56128p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E154FCCB-A379-4384-8B72-7D373BFEEFE1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_5624q_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B2326C6-C523-4BE2-B577-D64091AB92CE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", "matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_5648q_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "060E7CD9-E906-437A-87B6-3AE0551E1DCB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", "matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_5672up_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FFAC471F-41AF-43A7-8661-DFA140DEC066", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", "matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_5696q_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA530485-D6C8-4D5A-87A2-547DA8E74722", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_6001_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6E00C558-9656-451C-A179-17B1762666C3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_6004_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1A738F9-41CD-4A6A-8975-4C434FBCF55D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_7000_10-slot_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "432F828F-1F41-4C7A-B1B2-ADDCC1F0EE5A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "B22B3865-30E9-4B5A-A37D-DC33F1150FFE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_7000_18-slot_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "06B2FD68-C1DB-4AC6-B255-417C5D14D18B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "459A7F11-52BF-4AD6-B495-4C4D6C050493", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_7000_4-slot_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "743ECD7B-DE3B-436C-BE6C-D5280719D970", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "FEACA55F-4335-4478-B608-EB92EE1D6C6D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_7000_9-slot_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DCBBB6BF-92A3-48CB-A57C-7476C0355175", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_7700_10-slot_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "317A834E-D1A8-47E0-ACEA-FA85984F8753", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5ABB175-81BE-4C46-BD2D-70016508BE22", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_7700_18-slot_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "76CCA110-974F-419A-A716-E90B9DB5375E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "71F93299-A715-4E97-87FE-B1E248EA98BD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_7700_2-slot_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "148FAB7B-164C-458D-B287-61FC73C53D25", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nexus_7700_6-slot_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C7EDE35C-3B05-4359-9336-915567A867EC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F3AD807-5A0F-4DF5-9A7A-748205F409E7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image."}, {"lang": "es", "value": "Una vulnerabilidad en el Software Cisco NX-OS y el Software Cisco IOS XE, podr\u00eda permitir que un atacante local autenticado con credenciales v\u00e1lidas de administrador o nivel de privilegio 15 cargue una imagen de servicio virtual y omita la comprobaci\u00f3n de firma en un dispositivo afectado. La vulnerabilidad es debido a una comprobaci\u00f3n de firma inapropiada durante la instalaci\u00f3n de una imagen de Open Virtual Appliance (OVA). Un atacante local autenticado podr\u00eda explotar esta vulnerabilidad y cargar una imagen OVA maliciosa y sin firmar en un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante llevar a cabo la ejecuci\u00f3n de c\u00f3digo en una imagen OVA de software dise\u00f1ada."}], "id": "CVE-2019-12662", "lastModified": "2019-10-09T23:46:00.137", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "ykramarz@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-09-25T21:15:11.203", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-347"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-347"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

{}