Описание
Уязвимость загрузчика операционной системы Cisco NX-OS коммутаторов Cisco Nexus и Cisco UCS Fabric Interconnects связана с ошибками разграничения доступа. Эксплуатация уязвимости может позволить нарушителю выполнить произвольные команды
Вендор
Cisco Systems Inc.
Наименование ПО
Cisco MDS 9000 Series
Cisco Nexus 3000 Series
Cisco Nexus 9000 Series
Nexus 7000
Cisco UCS Fabric Interconnects
Cisco UCS 6400
UCS 6500 Series Fabric Interconnects
Версия ПО
- (Cisco MDS 9000 Series)
- (Cisco Nexus 3000 Series)
- (Cisco Nexus 9000 Series)
- (Nexus 7000)
- (Cisco UCS Fabric Interconnects)
- (Cisco UCS 6400)
- (UCS 6500 Series Fabric Interconnects)
Тип ПО
Микропрограммный код
Сетевое программное средство
ПО сетевого программно-аппаратного средства
ПО программно-аппаратного средства
Операционные системы и аппаратные платформы
Cisco Systems Inc. NX-OS 9.2(1)
Cisco Systems Inc. NX-OS 7.0(3)F3(1)
Cisco Systems Inc. NX-OS 7.0(3)F3(2)
Cisco Systems Inc. NX-OS 7.0(3)F3(3)
Cisco Systems Inc. NX-OS 7.0(3)F3(3a)
Cisco Systems Inc. NX-OS 7.0(3)F3(4)
Cisco Systems Inc. NX-OS 7.0(3)F3(3c)
Cisco Systems Inc. NX-OS 7.0(3)F3(5)
Cisco Systems Inc. NX-OS 7.0(3)I4(1)
Cisco Systems Inc. NX-OS 7.0(3)I4(2)
Cisco Systems Inc. NX-OS 7.0(3)I4(3)
Cisco Systems Inc. NX-OS 7.0(3)I4(4)
Cisco Systems Inc. NX-OS 7.0(3)I4(5)
Cisco Systems Inc. NX-OS 7.0(3)I4(6)
Cisco Systems Inc. NX-OS 7.0(3)I4(7)
Cisco Systems Inc. NX-OS 7.0(3)I4(8)
Cisco Systems Inc. NX-OS 7.0(3)I4(8a)
Cisco Systems Inc. NX-OS 7.0(3)I4(8b)
Cisco Systems Inc. NX-OS 7.0(3)I4(8z)
Cisco Systems Inc. NX-OS 7.0(3)I7(5a)
Cisco Systems Inc. NX-OS 7.0(3)I5(1)
Cisco Systems Inc. NX-OS 7.0(3)I5(2)
Cisco Systems Inc. NX-OS 7.0(3)I6(1)
Cisco Systems Inc. NX-OS 7.0(3)I6(2)
Cisco Systems Inc. NX-OS 7.0(3)I7(1)
Cisco Systems Inc. NX-OS 7.0(3)I7(2)
Cisco Systems Inc. NX-OS 7.0(3)I7(3)
Cisco Systems Inc. NX-OS 7.0(3)I7(4)
Cisco Systems Inc. NX-OS 7.0(3)I7(5)
Cisco Systems Inc. NX-OS 7.3(0)D1(1)
Cisco Systems Inc. NX-OS 7.3(0)DX(1)
Cisco Systems Inc. NX-OS 7.3(0)DY(1)
Cisco Systems Inc. NX-OS 7.3(1)D1(1)
Cisco Systems Inc. NX-OS 7.3(1)DY(1)
Cisco Systems Inc. NX-OS 7.3(2)D1(1)
Cisco Systems Inc. NX-OS 7.3(2)D1(2)
Cisco Systems Inc. NX-OS 7.3(2)D1(3)
Cisco Systems Inc. NX-OS 7.3(2)D1(3a)
Cisco Systems Inc. NX-OS 8.2(1)
Cisco Systems Inc. NX-OS 8.2(2)
Cisco Systems Inc. NX-OS 9.3(10)
Cisco Systems Inc. NX-OS 9.3(11)
Cisco Systems Inc. NX-OS 9.3(12)
Cisco Systems Inc. NX-OS 6.0(2)a8(1)
Cisco Systems Inc. NX-OS 6.0(2)a8(2)
Cisco Systems Inc. NX-OS 6.0(2)a8(3)
Cisco Systems Inc. NX-OS 6.0(2)a8(4)
Cisco Systems Inc. NX-OS 6.0(2)a8(4a)
Cisco Systems Inc. NX-OS 6.0(2)a8(5)
Cisco Systems Inc. NX-OS 6.0(2)a8(6)
Cisco Systems Inc. NX-OS 6.0(2)a8(7)
Cisco Systems Inc. NX-OS 6.0(2)a8(7a)
Cisco Systems Inc. NX-OS 6.0(2)a8(7b)
Cisco Systems Inc. NX-OS 6.0(2)a8(8)
Cisco Systems Inc. NX-OS 6.0(2)a8(9)
Cisco Systems Inc. NX-OS 6.0(2)a8(10)
Cisco Systems Inc. NX-OS 6.0(2)a8(10a)
Cisco Systems Inc. NX-OS 6.0(2)a8(11)
Cisco Systems Inc. NX-OS 6.0(2)a8(11a)
Cisco Systems Inc. NX-OS 6.0(2)a8(11b)
Cisco Systems Inc. NX-OS 7.0(3)i4(9)
Cisco Systems Inc. NX-OS 7.0(3)i7(6)
Cisco Systems Inc. NX-OS 7.0(3)i7(7)
Cisco Systems Inc. NX-OS 7.0(3)i7(8)
Cisco Systems Inc. NX-OS 7.0(3)i7(9)
Cisco Systems Inc. NX-OS 7.0(3)i7(10)
Cisco Systems Inc. NX-OS 9.2(2)
Cisco Systems Inc. NX-OS 9.2(2t)
Cisco Systems Inc. NX-OS 9.2(2v)
Cisco Systems Inc. NX-OS 9.2(3)
Cisco Systems Inc. NX-OS 9.2(4)
Cisco Systems Inc. NX-OS 9.3(1)
Cisco Systems Inc. NX-OS 9.3(2)
Cisco Systems Inc. NX-OS 9.3(3)
Cisco Systems Inc. NX-OS 9.3(4)
Cisco Systems Inc. NX-OS 9.3(5)
Cisco Systems Inc. NX-OS 9.3(6)
Cisco Systems Inc. NX-OS 9.3(7)
Cisco Systems Inc. NX-OS 9.3(7a)
Cisco Systems Inc. NX-OS 9.3(8)
Cisco Systems Inc. NX-OS 9.3(9)
Cisco Systems Inc. NX-OS 10.1(1)
Cisco Systems Inc. NX-OS 10.1(2)
Cisco Systems Inc. NX-OS 10.1(2t)
Cisco Systems Inc. NX-OS 10.2(1)
Cisco Systems Inc. NX-OS 10.2(1q)
Cisco Systems Inc. NX-OS 10.2(2)
Cisco Systems Inc. NX-OS 10.2(3)
Cisco Systems Inc. NX-OS 10.2(3t)
Cisco Systems Inc. NX-OS 10.2(3v)
Cisco Systems Inc. NX-OS 10.2(4)
Cisco Systems Inc. NX-OS 10.2(5)
Cisco Systems Inc. NX-OS 10.2(6)
Cisco Systems Inc. NX-OS 10.3(1)
Cisco Systems Inc. NX-OS 10.3(2)
Cisco Systems Inc. NX-OS 10.3(3)
Cisco Systems Inc. NX-OS 10.3(99w)
Cisco Systems Inc. NX-OS 10.3(99x)
Cisco Systems Inc. NX-OS 10.4(1)
Cisco Systems Inc. NX-OS 7.0(3)I4(1t)
Cisco Systems Inc. NX-OS 7.0(3)I4(6t)
Cisco Systems Inc. NX-OS 7.0(3)I5(3)
Cisco Systems Inc. NX-OS 7.0(3)I5(3a)
Cisco Systems Inc. NX-OS 7.0(3)I5(3b)
Cisco Systems Inc. NX-OS 7.0(3)I7(3z)
Cisco Systems Inc. NX-OS 7.0(3)I7(6z)
Cisco Systems Inc. NX-OS 7.0(3)I7(9w)
Cisco Systems Inc. NX-OS 7.3(2)D1(1d)
Cisco Systems Inc. NX-OS 8.1(1)
Cisco Systems Inc. NX-OS 8.1(2)
Cisco Systems Inc. NX-OS 8.1(2a)
Cisco Systems Inc. NX-OS 8.1(1a)
Cisco Systems Inc. NX-OS 8.1(1b)
Cisco Systems Inc. NX-OS 8.2(3)
Cisco Systems Inc. NX-OS 8.2(4)
Cisco Systems Inc. NX-OS 8.2(5)
Cisco Systems Inc. NX-OS 8.2(6)
Cisco Systems Inc. NX-OS 8.2(7)
Cisco Systems Inc. NX-OS 8.2(7a)
Cisco Systems Inc. NX-OS 8.2(8)
Cisco Systems Inc. NX-OS 8.2(9)
Cisco Systems Inc. NX-OS 8.2(10)
Cisco Systems Inc. NX-OS 8.2(11)
Cisco Systems Inc. NX-OS 8.3(1)
Cisco Systems Inc. NX-OS 8.3(2)
Cisco Systems Inc. NX-OS 9.2(3y)
Cisco Systems Inc. NX-OS 9.2(1a)
Cisco Systems Inc. NX-OS 7.3(3)D1(1)
Cisco Systems Inc. NX-OS 7.0(3)IA7(1)
Cisco Systems Inc. NX-OS 7.0(3)IA7(2)
Cisco Systems Inc. NX-OS 7.0(3)IC4(4)
Cisco Systems Inc. NX-OS 7.0(3)IM7(2)
Cisco Systems Inc. NX-OS 7.3(4)D1(1)
Cisco Systems Inc. NX-OS 8.4(1)
Cisco Systems Inc. NX-OS 8.4(1a)
Cisco Systems Inc. NX-OS 8.4(2)
Cisco Systems Inc. NX-OS 8.4(2a)
Cisco Systems Inc. NX-OS 8.4(3)
Cisco Systems Inc. NX-OS 8.4(2b)
Cisco Systems Inc. NX-OS 8.4(4)
Cisco Systems Inc. NX-OS 8.4(2c)
Cisco Systems Inc. NX-OS 8.4(4a)
Cisco Systems Inc. NX-OS 8.4(5)
Cisco Systems Inc. NX-OS 8.4(2d)
Cisco Systems Inc. NX-OS 8.4(6)
Cisco Systems Inc. NX-OS 8.4(2e)
Cisco Systems Inc. NX-OS 8.4(6a)
Cisco Systems Inc. NX-OS 8.4(7)
Cisco Systems Inc. NX-OS 8.4(2f)
Cisco Systems Inc. NX-OS 8.4(8)
Cisco Systems Inc. NX-OS 8.4(9)
Cisco Systems Inc. NX-OS 9.3(1z)
Cisco Systems Inc. NX-OS 9.3(5w)
Cisco Systems Inc. NX-OS 9.3(7k)
Cisco Systems Inc. NX-OS 9.3(2a)
Cisco Systems Inc. NX-OS 9.3(13)
Cisco Systems Inc. NX-OS 7.3(5)D1(1)
Cisco Systems Inc. NX-OS 7.3(6)D1(1)
Cisco Systems Inc. NX-OS 7.3(7)D1(1)
Cisco Systems Inc. NX-OS 8.5(1)
Cisco Systems Inc. NX-OS 7.3(8)D1(1)
Cisco Systems Inc. NX-OS 10.2(2a)
Cisco Systems Inc. NX-OS 10.2(7)
Cisco Systems Inc. NX-OS 7.3(9)D1(1)
Cisco Systems Inc. NX-OS 10.3(3w)
Cisco Systems Inc. NX-OS 10.3(3o)
Cisco Systems Inc. NX-OS 10.3(4a)
Cisco Systems Inc. NX-OS 10.3(3p)
Cisco Systems Inc. NX-OS 10.3(4)
Cisco Systems Inc. NX-OS 10.3(3q)
Cisco Systems Inc. NX-OS 10.3(3x)
Cisco Systems Inc. NX-OS 10.3(5)
Cisco Systems Inc. NX-OS 9.4(1)
Cisco Systems Inc. NX-OS 9.4(1a)
Cisco Systems Inc. NX-OS 10.4(2)
Cisco Systems Inc. NX-OS 10.3(4g)
Cisco Systems Inc. NX-OS 10.3(3r)
Cisco Systems Inc. NX-OS 10.4(3)
Cisco Systems Inc. NX-OS ACI Mode 16.0(2h)
Cisco Systems Inc. NX-OS ACI Mode 16.0(2j)
Cisco Systems Inc. NX-OS ACI Mode 16.0(3d)
Cisco Systems Inc. NX-OS ACI Mode 16.0(3e)
Cisco Systems Inc. NX-OS ACI Mode 16.0(4c)
Cisco Systems Inc. NX-OS ACI Mode 16.0(5h)
Cisco Systems Inc. NX-OS ACI Mode 16.0(3g)
Cisco Systems Inc. NX-OS ACI Mode 16.0(5j)
Cisco Systems Inc. NX-OS 9.3(14)
Cisco Systems Inc. NX-OS 10.2(8)
Cisco Systems Inc. NX-OS 10.3(6)
Cisco Systems Inc. NX-OS 10.3(4h)
Cisco Systems Inc. NX-OS 10.4(4)
Cisco Systems Inc. NX-OS 10.5(1)
Cisco Systems Inc. NX-OS ACI Mode 13.2(1l)
Cisco Systems Inc. NX-OS ACI Mode 13.2(1m)
Cisco Systems Inc. NX-OS ACI Mode 13.2(2l)
Cisco Systems Inc. NX-OS ACI Mode 13.2(2o)
Cisco Systems Inc. NX-OS ACI Mode 13.2(3i)
Cisco Systems Inc. NX-OS ACI Mode 13.2(3n)
Cisco Systems Inc. NX-OS ACI Mode 13.2(3o)
Cisco Systems Inc. NX-OS ACI Mode 13.2(3r)
Cisco Systems Inc. NX-OS ACI Mode 13.2(4d)
Cisco Systems Inc. NX-OS ACI Mode 13.2(4e)
Cisco Systems Inc. NX-OS ACI Mode 13.2(3j)
Cisco Systems Inc. NX-OS ACI Mode 13.2(3s)
Cisco Systems Inc. NX-OS ACI Mode 13.2(5d)
Cisco Systems Inc. NX-OS ACI Mode 13.2(5e)
Cisco Systems Inc. NX-OS ACI Mode 13.2(5f)
Cisco Systems Inc. NX-OS ACI Mode 13.2(6i)
Cisco Systems Inc. NX-OS ACI Mode 13.2(41d)
Cisco Systems Inc. NX-OS ACI Mode 13.2(7f)
Cisco Systems Inc. NX-OS ACI Mode 13.2(7k)
Cisco Systems Inc. NX-OS ACI Mode 13.2(9b)
Cisco Systems Inc. NX-OS ACI Mode 13.2(8d)
Cisco Systems Inc. NX-OS ACI Mode 13.2(9f)
Cisco Systems Inc. NX-OS ACI Mode 13.2(9h)
Cisco Systems Inc. NX-OS ACI Mode 13.2(10e)
Cisco Systems Inc. NX-OS ACI Mode 13.2(10f)
Cisco Systems Inc. NX-OS ACI Mode 13.2(10g)
Cisco Systems Inc. NX-OS ACI Mode 14.0(1h)
Cisco Systems Inc. NX-OS ACI Mode 14.0(2c)
Cisco Systems Inc. NX-OS ACI Mode 14.0(3d)
Cisco Systems Inc. NX-OS ACI Mode 14.0(3c)
Cisco Systems Inc. NX-OS ACI Mode 14.1(1i)
Cisco Systems Inc. NX-OS ACI Mode 14.1(1j)
Cisco Systems Inc. NX-OS ACI Mode 14.1(1k)
Cisco Systems Inc. NX-OS ACI Mode 14.1(1l)
Cisco Systems Inc. NX-OS ACI Mode 14.1(2g)
Cisco Systems Inc. NX-OS ACI Mode 14.1(2m)
Cisco Systems Inc. NX-OS ACI Mode 14.1(2o)
Cisco Systems Inc. NX-OS ACI Mode 14.1(2s)
Cisco Systems Inc. NX-OS ACI Mode 14.1(2u)
Cisco Systems Inc. NX-OS ACI Mode 14.1(2w)
Cisco Systems Inc. NX-OS ACI Mode 14.1(2x)
Cisco Systems Inc. NX-OS ACI Mode 14.2(1i)
Cisco Systems Inc. NX-OS ACI Mode 14.2(1j)
Cisco Systems Inc. NX-OS ACI Mode 14.2(1l)
Cisco Systems Inc. NX-OS ACI Mode 14.2(2e)
Cisco Systems Inc. NX-OS ACI Mode 14.2(2f)
Cisco Systems Inc. NX-OS ACI Mode 14.2(2g)
Cisco Systems Inc. NX-OS ACI Mode 14.2(3j)
Cisco Systems Inc. NX-OS ACI Mode 14.2(3l)
Cisco Systems Inc. NX-OS ACI Mode 14.2(3n)
Cisco Systems Inc. NX-OS ACI Mode 14.2(3q)
Cisco Systems Inc. NX-OS ACI Mode 14.2(4i)
Cisco Systems Inc. NX-OS ACI Mode 14.2(4k)
Cisco Systems Inc. NX-OS ACI Mode 14.2(4o)
Cisco Systems Inc. NX-OS ACI Mode 14.2(4p)
Cisco Systems Inc. NX-OS ACI Mode 14.2(5k)
Cisco Systems Inc. NX-OS ACI Mode 14.2(5l)
Cisco Systems Inc. NX-OS ACI Mode 14.2(5n)
Cisco Systems Inc. NX-OS ACI Mode 14.2(6d)
Cisco Systems Inc. NX-OS ACI Mode 14.2(6g)
Cisco Systems Inc. NX-OS ACI Mode 14.2(6h)
Cisco Systems Inc. NX-OS ACI Mode 14.2(6l)
Cisco Systems Inc. NX-OS ACI Mode 14.2(7f)
Cisco Systems Inc. NX-OS ACI Mode 14.2(7l)
Cisco Systems Inc. NX-OS ACI Mode 14.2(6o)
Cisco Systems Inc. NX-OS ACI Mode 14.2(7q)
Cisco Systems Inc. NX-OS ACI Mode 14.2(7r)
Cisco Systems Inc. NX-OS ACI Mode 14.2(7s)
Cisco Systems Inc. NX-OS ACI Mode 14.2(7t)
Cisco Systems Inc. NX-OS ACI Mode 14.2(7u)
Cisco Systems Inc. NX-OS ACI Mode 14.2(7v)
Cisco Systems Inc. NX-OS ACI Mode 14.2(7w)
Cisco Systems Inc. NX-OS ACI Mode 15.0(1k)
Cisco Systems Inc. NX-OS ACI Mode 15.0(1l)
Cisco Systems Inc. NX-OS ACI Mode 15.0(2e)
Cisco Systems Inc. NX-OS ACI Mode 15.0(2h)
Cisco Systems Inc. NX-OS ACI Mode 15.1(1h)
Cisco Systems Inc. NX-OS ACI Mode 15.1(2e)
Cisco Systems Inc. NX-OS ACI Mode 15.1(3e)
Cisco Systems Inc. NX-OS ACI Mode 15.1(4c)
Cisco Systems Inc. NX-OS ACI Mode 15.2(1g)
Cisco Systems Inc. NX-OS ACI Mode 15.2(2e)
Cisco Systems Inc. NX-OS ACI Mode 15.2(2f)
Cisco Systems Inc. NX-OS ACI Mode 15.2(2g)
Cisco Systems Inc. NX-OS ACI Mode 15.2(2h)
Cisco Systems Inc. NX-OS ACI Mode 15.2(3e)
Cisco Systems Inc. NX-OS ACI Mode 15.2(3f)
Cisco Systems Inc. NX-OS ACI Mode 15.2(3g)
Cisco Systems Inc. NX-OS ACI Mode 15.2(4d)
Cisco Systems Inc. NX-OS ACI Mode 15.2(4e)
Cisco Systems Inc. NX-OS ACI Mode 15.2(5c)
Cisco Systems Inc. NX-OS ACI Mode 15.2(5d)
Cisco Systems Inc. NX-OS ACI Mode 15.2(5e)
Cisco Systems Inc. NX-OS ACI Mode 15.2(4f)
Cisco Systems Inc. NX-OS ACI Mode 15.2(6e)
Cisco Systems Inc. NX-OS ACI Mode 15.2(6g)
Cisco Systems Inc. NX-OS ACI Mode 15.2(7f)
Cisco Systems Inc. NX-OS ACI Mode 15.2(7g)
Cisco Systems Inc. NX-OS ACI Mode 15.2(6h)
Cisco Systems Inc. NX-OS ACI Mode 15.2(8d)
Cisco Systems Inc. NX-OS ACI Mode 15.2(8e)
Cisco Systems Inc. NX-OS ACI Mode 15.2(8f)
Cisco Systems Inc. NX-OS ACI Mode 15.2(8g)
Cisco Systems Inc. NX-OS ACI Mode 15.2(8h)
Cisco Systems Inc. NX-OS ACI Mode 15.2(8i)
Cisco Systems Inc. NX-OS ACI Mode 16.0(1g)
Cisco Systems Inc. NX-OS ACI Mode 16.0(1j)
Cisco Systems Inc. NX-OS ACI Mode 16.0(6c)
Cisco Systems Inc. NX-OS ACI Mode 16.0(7e)
Cisco Systems Inc. NX-OS ACI Mode 16.0(8e)
Cisco Systems Inc. NX-OS ACI Mode 15.3(1d)
Cisco Systems Inc. NX-OS ACI Mode 15.3(2a)
Cisco Systems Inc. NX-OS ACI Mode 15.3(2b)
Cisco Systems Inc. NX-OS ACI Mode 15.3(2c)
Cisco Systems Inc. NX-OS ACI Mode 15.3(2d)
Cisco Systems Inc. NX-OS ACI Mode 15.3(2e)
Cisco Systems Inc. NX-OS ACI Mode 16.1(1f)
Уровень опасности уязвимости
Средний уровень опасности (базовая оценка CVSS 2.0 составляет 5,6)
Средний уровень опасности (базовая оценка CVSS 3.1 составляет 5,2)
Возможные меры по устранению уязвимости
Использование рекомендаций производителя:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-image-sig-bypas-pQDRQvjL
Статус уязвимости
Подтверждена производителем
Наличие эксплойта
Данные уточняются
Информация об устранении
Уязвимость устранена
Идентификаторы других систем описаний уязвимостей
- CVE
EPSS
Процентиль: 2%
0.00014
Низкий
5.2 Medium
CVSS3
5.6 Medium
CVSS2
Связанные уязвимости
CVSS3: 5.2
nvd
около 1 года назад
A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification. This vulnerability is due to insecure bootloader settings. An attacker could exploit this vulnerability by executing a series of bootloader commands. A successful exploit could allow the attacker to bypass NX-OS image signature verification and load unverified software.
CVSS3: 5.2
github
около 1 года назад
A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification. This vulnerability is due to insecure bootloader settings. An attacker could exploit this vulnerability by executing a series of bootloader commands. A successful exploit could allow the attacker to bypass NX-OS image signature verification and load unverified software.
EPSS
Процентиль: 2%
0.00014
Низкий
5.2 Medium
CVSS3
5.6 Medium
CVSS2