Cisco Nexus 9000 ACI Mode Shell Escape Vulnerability (cisco-sa-20190306-aci-shell-escape)

high Nessus Plugin ID 136978

Synopsis

The remote device is vulnerable to shell escape due to missing patch. (cisco-sa-20190306-aci-shell-escape)

Description

A shell escape / privilege escalation vulnerability exists in ACI Mode due to insufficient sanitization of user-supplied input. Therefore, an authenticated, remote attacker can exploit this, via a specifically crafted CLI command, to escape the ACI shell and gain root access to the system.

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvm52063

See Also

http://www.nessus.org/u?d6e5e93f

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm52063

Plugin Details

Severity: High

ID: 136978

File Name: cisco-sa-20190306-aci-shell-escape.nasl

Version: 1.4

Type: combined

Family: CISCO

Published: 6/1/2020

Updated: 6/4/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2019-1591

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:nx-os

Required KB Items: Host/Cisco/NX-OS/Version, Host/Cisco/NX-OS/Model, Host/Cisco/NX-OS/Device, Host/aci/system/chassis/summary

Exploit Ease: No known exploits are available

Patch Publication Date: 3/6/2019

Vulnerability Publication Date: 3/6/2019

Reference Information

CVE: CVE-2019-1591