cnvd - cnvd-2016-09440

cnvd-2016-09440

Vulnerability from cnvd

Title: Cisco NX-OS安全绕过漏洞

Description:

Cisco NX-OS是美国思科（Cisco）公司的一套面向数据中心的操作系统。

Cisco NX-OS 4.0至7.3版本中的SSH子系统存在安全绕过漏洞，远程攻击者可利用该漏洞绕过AAA限制，在设备命令行上执行命令。

Severity: 高

Patch Name: Cisco NX-OS安全绕过漏洞的补丁

Patch Description:

Cisco NX-OS是美国思科（Cisco）公司的一套面向数据中心的操作系统。

Cisco NX-OS 4.0至7.3版本中的SSH子系统存在安全绕过漏洞，远程攻击者可利用该漏洞绕过AAA限制，在设备命令行上执行命令。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa

Reference: http://www.securityfocus.com/bid/93410 http://securitytracker.com/id/1036947 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa

Impacted products

Name
['Cisco Nexus 1000V Series Switches', 'Cisco Nexus 3000 Series Switche', 'Cisco Nexus 7000 series switches', 'Cisco Nexus 4000 Series Switches', 'Cisco Nexus 5000 Series Switches', 'Cisco Nexus 6000 Series Switches', 'Cisco Nexus 9000 Series Switches in NX-OS mode', 'Cisco Nexus 7700 Series Switches', 'Cisco Nexus 5600 Platform Switches', 'Cisco Nexus 5500 Platform Switches', 'Cisco Nexus 2000 Series Fabric Extenders', 'Cisco Nexus 3500 Platform Switches', 'Cisco Multilayer Director Switches']

Name

['Cisco Nexus 1000V Series Switches', 'Cisco Nexus 3000 Series Switche', 'Cisco Nexus 7000 series switches', 'Cisco Nexus 4000 Series Switches', 'Cisco Nexus 5000 Series Switches', 'Cisco Nexus 6000 Series Switches', 'Cisco Nexus 9000 Series Switches in NX-OS mode', 'Cisco Nexus 7700 Series Switches', 'Cisco Nexus 5600 Platform Switches', 'Cisco Nexus 5500 Platform Switches', 'Cisco Nexus 2000 Series Fabric Extenders', 'Cisco Nexus 3500 Platform Switches', 'Cisco Multilayer Director Switches']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "93410"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-0721"
    }
  },
  "description": "Cisco NX-OS\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u9762\u5411\u6570\u636e\u4e2d\u5fc3\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco NX-OS 4.0\u81f37.3\u7248\u672c\u4e2d\u7684SSH\u5b50\u7cfb\u7edf\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7AAA\u9650\u5236\uff0c\u5728\u8bbe\u5907\u547d\u4ee4\u884c\u4e0a\u6267\u884c\u547d\u4ee4\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-09440",
  "openTime": "2016-10-19",
  "patchDescription": "Cisco NX-OS\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u9762\u5411\u6570\u636e\u4e2d\u5fc3\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco NX-OS 4.0\u81f37.3\u7248\u672c\u4e2d\u7684SSH\u5b50\u7cfb\u7edf\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7AAA\u9650\u5236\uff0c\u5728\u8bbe\u5907\u547d\u4ee4\u884c\u4e0a\u6267\u884c\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco NX-OS\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Nexus 1000V Series Switches",
      "Cisco Nexus 3000 Series Switche",
      "Cisco Nexus 7000 series switches",
      "Cisco Nexus 4000 Series Switches",
      "Cisco Nexus 5000 Series Switches",
      "Cisco Nexus 6000 Series Switches",
      "Cisco Nexus 9000 Series Switches in NX-OS mode",
      "Cisco Nexus 7700 Series Switches",
      "Cisco Nexus 5600 Platform Switches",
      "Cisco Nexus 5500 Platform Switches",
      "Cisco Nexus 2000 Series Fabric Extenders",
      "Cisco Nexus 3500 Platform Switches",
      "Cisco Multilayer Director Switches"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/93410\r\nhttp://securitytracker.com/id/1036947\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa",
  "serverity": "\u9ad8",
  "submitTime": "2016-10-12",
  "title": "Cisco NX-OS\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2015-0721 (GCVE-0-2015-0721)

Vulnerability from cvelistv5

Published

2016-10-06 10:00

Modified

2024-08-06 04:17

Severity ?

CWE

Summary

Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/93410	vdb-entry, x_refsource_BID
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa	vendor-advisory, x_refsource_CISCO
	http://www.securitytracker.com/id/1036947	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:17:32.743Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "93410",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93410"
          },
          {
            "name": "20161005 Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa"
          },
          {
            "name": "1036947",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036947"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-10-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-29T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "93410",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93410"
        },
        {
          "name": "20161005 Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa"
        },
        {
          "name": "1036947",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036947"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-0721",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "93410",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93410"
            },
            {
              "name": "20161005 Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa"
            },
            {
              "name": "1036947",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036947"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2015-0721",
    "datePublished": "2016-10-06T10:00:00",
    "dateReserved": "2015-01-07T00:00:00",
    "dateUpdated": "2024-08-06T04:17:32.743Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted