PT-2019-1579 · Cisco · Nexus 3600 Platform Switches+16
Published
2019-03-06
·
Updated
2023-04-20
·
CVE-2019-1600
CVSS v2.0
6.8
Medium
| Vector | AV:L/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco FXOS Software versions prior to 2.2.2.91 and 2.3.1.110
Cisco NX-OS Software versions prior to 2.2.2.91 and 2.3.1.110
Firepower 4100 Series Next-Generation Firewalls versions prior to 2.2.2.91 and 2.3.1.110
Firepower 9300 Series Next-Generation Firewalls versions prior to 2.2.2.91 and 2.3.1.110
MDS 9000 Series Multilayer Switches versions prior to 6.2(25), 8.1(1b), and 8.3(1)
Nexus 3000 Series Switches versions prior to 7.0(3)I4(9) and 7.0(3)I7(4)
Nexus 3500 Platform Switches versions prior to 6.0(2)A8(10) and 7.0(3)I7(4)
Nexus 3600 Platform Switches versions prior to 7.0(3)F3(5)
Nexus 2000, 5500, 5600, and 6000 Series Switches versions prior to 7.1(5)N1(1b) and 7.3(3)N1(1)
Nexus 7000 and 7700 Series Switches versions prior to 6.2(22), 7.3(3)D1(1), and 8.2(3)
Nexus 9000 Series Switches-Standalone versions prior to 7.0(3)I4(9) and 7.0(3)I7(4)
Nexus 9500 R-Series Line Cards and Fabric Modules versions prior to 7.0(3)F3(5)
Description
A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive information that is stored in the file system of an affected system. The vulnerability is due to improper implementation of file system permissions. An attacker could exploit this vulnerability by accessing and modifying restricted files. A successful exploit could allow the attacker to access sensitive and critical files.
Recommendations
For Cisco FXOS Software versions prior to 2.2.2.91 and 2.3.1.110, update to a fixed version.
For Cisco NX-OS Software versions prior to 2.2.2.91 and 2.3.1.110, update to a fixed version.
For Firepower 4100 Series Next-Generation Firewalls versions prior to 2.2.2.91 and 2.3.1.110, update to a fixed version.
For Firepower 9300 Series Next-Generation Firewalls versions prior to 2.2.2.91 and 2.3.1.110, update to a fixed version.
For MDS 9000 Series Multilayer Switches versions prior to 6.2(25), 8.1(1b), and 8.3(1), update to a fixed version.
For Nexus 3000 Series Switches versions prior to 7.0(3)I4(9) and 7.0(3)I7(4), update to a fixed version.
For Nexus 3500 Platform Switches versions prior to 6.0(2)A8(10) and 7.0(3)I7(4), update to a fixed version.
For Nexus 3600 Platform Switches versions prior to 7.0(3)F3(5), update to a fixed version.
For Nexus 2000, 5500, 5600, and 6000 Series Switches versions prior to 7.1(5)N1(1b) and 7.3(3)N1(1), update to a fixed version.
For Nexus 7000 and 7700 Series Switches versions prior to 6.2(22), 7.3(3)D1(1), and 8.2(3), update to a fixed version.
For Nexus 9000 Series Switches-Standalone versions prior to 7.0(3)I4(9) and 7.0(3)I7(4), update to a fixed version.
For Nexus 9500 R-Series Line Cards and Fabric Modules versions prior to 7.0(3)F3(5), update to a fixed version.
Fix
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cisco Fxos
Cisco Nx-Os
Cisco Nexus
Firepower 4100 Series Next-Generation Firewalls
Firepower 9300 Series Next-Generation Firewalls
Mds 9000 Series Multilayer Switches
Nexus 2000 Series Switches
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Series Switches
Nexus 5600 Series Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches
Nexus 9500 R-Series Line Cards/Fabric Modules