fkie_cve-2018-0330
Vulnerability from fkie_nvd
Published
2018-06-20 21:29
Modified
2024-11-21 03:37
Severity ?
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly validate certain parameters included within an NX-API request. An attacker that can successfully authenticate to the NX-API could submit a request designed to bypass NX-OS role assignment. A successful exploit could allow the attacker to execute commands with elevated privileges. This vulnerability affects the following if configured to use the NX-API feature: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCvc73177, CSCve40903, CSCve40911.
References
psirt@cisco.comhttp://www.securitytracker.com/id/1041169Third Party Advisory, VDB Entry
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-nxapiVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1041169Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-nxapiVendor Advisory
Impacted products
Vendor Product Version
cisco nx-os *
cisco nx-os 6.0
cisco nx-os 7.0
cisco nx-os 7.1
cisco nx-os 7.2
cisco nexus_5000 -
cisco nexus_5010 -
cisco nexus_5020 -
cisco nexus_5548p -
cisco nexus_5548up -
cisco nexus_5596t -
cisco nexus_5596up -
cisco nexus_56128p -
cisco nexus_5624q -
cisco nexus_5648q -
cisco nexus_5672up -
cisco nexus_5696q -
cisco nx-os *
cisco nx-os *
cisco nx-os 6.2
cisco nx-os 7.2
cisco nx-os 8.0
cisco nx-os 8.2
cisco nexus_7000 -
cisco nexus_7700 -
cisco nx-os *
cisco nx-os *
cisco nexus_92160yc-x -
cisco nexus_92304qc -
cisco nexus_9236c -
cisco nexus_9272q -
cisco nexus_93108tc-ex -
cisco nexus_93120tx -
cisco nexus_93128tx -
cisco nexus_93180yc-ex -
cisco nexus_9332pq -
cisco nexus_9372px -
cisco nexus_9372tx -
cisco nexus_9396px -
cisco nexus_9396tx -
cisco nexus_9504 -
cisco nexus_9508 -
cisco nexus_9516 -
cisco nexus_n9k-c9508-fm-r -
cisco nexus_n9k-x9636c-r -
cisco nexus_n9k-x9636q-r -
cisco nx-os *
cisco nx-os *
cisco nexus_172tq-xl -
cisco nexus_3016 -
cisco nexus_3048 -
cisco nexus_3064-32t -
cisco nexus_3064-t -
cisco nexus_3064-x -
cisco nexus_3100-v -
cisco nexus_31128pq -
cisco nexus_3132c-z -
cisco nexus_3132q -
cisco nexus_3132q-x -
cisco nexus_3132q-xl -
cisco nexus_3164q -
cisco nexus_3172pq -
cisco nexus_3172pq-xl -
cisco nexus_3172tq -
cisco nexus_3172tq-32t -
cisco nexus_3232c -
cisco nexus_3264c-e -
cisco nexus_3264q -
cisco nexus_34180yc -
cisco nexus_3524-x -
cisco nexus_3524-xl -
cisco nexus_3548 -
cisco nexus_3548-x -
cisco nexus_3548-xl -
cisco nexus_3636c-r -
cisco nexus_c36180yc-r -
cisco nx-os *
cisco nexus_6001p -
cisco nexus_6001t -
cisco nx-os *
cisco nx-os *
cisco nx-os 5.2
cisco nx-os 6.2
cisco nx-os 8.2
cisco mds_9000 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F5FF890-017A-4F2B-9253-8149FA484066",
              "versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
              "versionStartIncluding": "7.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "991285C8-2BD5-4C84-8DA0-4C500B519267",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "02DD5791-E4D3-475C-84B0-E642ACFC5EB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF918D59-4D57-4C18-9FF5-AE6636F24484",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EE85C54-276F-462E-808A-23D3E54D31BD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F2B1E07-8519-4F58-9048-81ABA12E01DC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA7F5823-41A8-47C8-A154-02C6C31EF76A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE20F28F-3C41-4B4B-9D31-AF0F68A0C2A2",
              "versionEndExcluding": "7.3.2d1",
              "versionStartIncluding": "7.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E38EA6-AA09-479B-9613-0AC4791693CC",
              "versionEndExcluding": "8.1.2",
              "versionStartIncluding": "8.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEF1AF20-C6CE-4956-8129-FA68E3B03E35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EE85C54-276F-462E-808A-23D3E54D31BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B36B056-C068-4413-B648-1D1D6026B823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E40D9097-C95A-4813-9DEE-89CA75820524",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93C9AFED-1347-4B0E-B031-AF5EA891B9BD",
              "versionEndExcluding": "7.0\\(3\\)i3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15C899EF-A64F-4FD8-851C-1D4E2929BAF4",
              "versionEndExcluding": "7.0\\(3\\)i7\\(1\\)",
              "versionStartIncluding": "7.0\\(3\\)i4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FD46BDD-4755-46DD-9F83-B2B589B09417",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0603E231-14E0-4224-898F-ED61641F7403",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE3EB1F2-F964-4D4E-BDE7-8E6805105152",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93C9AFED-1347-4B0E-B031-AF5EA891B9BD",
              "versionEndExcluding": "7.0\\(3\\)i3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15C899EF-A64F-4FD8-851C-1D4E2929BAF4",
              "versionEndExcluding": "7.0\\(3\\)i7\\(1\\)",
              "versionStartIncluding": "7.0\\(3\\)i4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AC6D08-C547-44A3-AC77-A63DB58E4889",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09AC2BAD-F536-48D0-A2F0-D4E290519EB6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97C29EE-9426-4BBE-8D84-AB5FF748703D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C9D4C48-4D01-4761-B2D8-F16E90F78560",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D75479AD-9847-497C-9438-AA82D91B6F71",
              "versionEndExcluding": "7.3\\(3\\)n1\\(1\\)",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EAD169-9036-496E-B740-45D79546F6D6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE20F28F-3C41-4B4B-9D31-AF0F68A0C2A2",
              "versionEndExcluding": "7.3.2d1",
              "versionStartIncluding": "7.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A9E3F8F-1AE7-4E49-9E84-A98E960ADD54",
              "versionEndExcluding": "8.1\\(1a\\)",
              "versionStartIncluding": "8.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "258F95C6-34C6-489D-95E0-5E90DAA518CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEF1AF20-C6CE-4956-8129-FA68E3B03E35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E40D9097-C95A-4813-9DEE-89CA75820524",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is due to a failure to properly validate certain parameters included within an NX-API request. An attacker that can successfully authenticate to the NX-API could submit a request designed to bypass NX-OS role assignment. A successful exploit could allow the attacker to execute commands with elevated privileges. This vulnerability affects the following if configured to use the NX-API feature: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCvc73177, CSCve40903, CSCve40911."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la API de gesti\u00f3n de NX-API en dispositivos que ejecutan, o se basan en, el software Cisco NX-OS podr\u00eda permitir que un atacante remoto autenticado ejecute comandos con privilegios elevados. La vulnerabilidad se debe a un error a la hora de validar correctamente ciertos par\u00e1metros incluidos en una petici\u00f3n NX-API. Un atacante que pueda autenticarse con \u00e9xito en NX-API podr\u00eda enviar una petici\u00f3n dise\u00f1ada para omitir la asignaci\u00f3n de roles de NX-OS. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante ejecute comandos con privilegios elevados. Esta vulnerabilidad afecta a los siguientes productos si est\u00e1n configurados para emplear la caracter\u00edstica NX-API: MDS 9000 Series Multilayer Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches y Nexus 9000 Series Switches en modo NX-OS independiente. Cisco Bug IDs: CSCvc73177, CSCve40903, CSCve40911."
    }
  ],
  "id": "CVE-2018-0330",
  "lastModified": "2024-11-21T03:37:59.583",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-06-20T21:29:00.767",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041169"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-nxapi"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041169"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-nxapi"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.