A vulnerability was found in Cisco NX-OS on Nexus 9000 (Router Operating System). It has been declared as critical. Affected by this vulnerability is an unknown code of the component Tetration Analytics Agent. The manipulation with an unknown input leads to a permission vulnerability. The CWE definition for the vulnerability is CWE-275. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:

A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to execute arbitrary code as root. The vulnerability is due to an incorrect permissions setting. An attacker could exploit this vulnerability by replacing valid agent files with malicious code. A successful exploit could result in the execution of code supplied by the attacker. Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running versions prior to 7.0(3)I7(5).

The bug was discovered 03/06/2019. The weakness was shared 03/11/2019 as cisco-sa-20190306-tetra-ace as confirmed advisory (Website). The advisory is shared at tools.cisco.com. This vulnerability is known as CVE-2019-1618 since 12/06/2018. An attack has to be approached locally. A single authentication is needed for exploitation. Neither technical details nor an exploit are publicly available. MITRE ATT&CK project uses the attack technique T1222 for this issue.

The vulnerability was handled as a non-public zero-day exploit for at least 5 days. During that time the estimated underground price was around $5k-$25k. The commercial vulnerability scanner Qualys is able to test this issue with plugin 316377 (Cisco Nexus 9000 Series Switches Standalone NX-OS Mode Tetration Analytics Agent Arbitrary Code Execution Vulnerability(cisco-sa-20190306-tetra-ace)).

Upgrading to version 7.0(3)I7(5) eliminates this vulnerability.

The entries 131568, 131567, 131566 and 131565 are related to this item.

Productinfo

Type

• Router Operating System

Vendor

• Cisco

Name

• NX-OS

Version

• 1.1(1g)
• 4.0(1a)N2(1)
• 4.0(1h)
• 4.1(2)e1(1)
• 4.1(2)e1(1b)
• 4.1(2)e1(1c)
• 4.1(2)e1(1f)
• 4.2
• 4.2(1)SV1(5.2)
• 4.2(1)SV1(5.2a)
• 5.0
• 5.0%283%29
• 5.0(3)N2(2)
• 5.0(3)U3(2)
• 5.1
• 5.2
• 5.2(1)
• 5.2(1)SV3(1.5i)
• 5.2(4)
• 5.2(5)
• 5.2(9)N1(1)
• 6.0
• 6.0(2)A6(1)
• 6.0(2)A6(2)
• 6.0(2)A6(3)
• 6.0(2)A6(4)
• 6.0(2)A6(5)
• 6.0(2)n2(2)
• 6.0(2)u5(1.41)
• 6.0(2)U6(0.46)
• 6.0(2)U6(1)
• 6.0(2)U6(2)
• 6.0(2)U6(3)
• 6.0(2)U6(4)
• 6.0(2)U6(5)
• 6.1
• 6.1 (0.208)S0
• 6.1%282%29
• 6.1(1)
• 6.1(2)I2(3)
• 6.1(2)I3(4)
• 6.1(3)S5
• 6.1(3)S6
• 6.1(5)
• 6.2
• 6.2(1)
• 6.2(1.121)S0
• 6.2(2)
• 6.2(8a)
• 6.2(9.7)
• 6.2(10)
• 6.2(11)
• 6.2(11b)
• 6.2(12)
• 6.2(13)
• 6.2(14)s1
• 6.2.8
• 7.0
• 7.0(0)FVX(0.66)
• 7.0(0)HSK(0.357)
• 7.0(0)ZD(1.8)
• 7.0(0.128)S0
• 7.0(1)N1(1)
• 7.0(1)N1(3)
• 7.0(3)F1(0.230)
• 7.0(3)F1(1)
• 7.0(3)F1(1.22)
• 7.0(3)I1(1)
• 7.0(3)I2(2e)
• 7.0(3)I3(0.170)
• 7.0(3)I3(0.255)
• 7.0(3)I3(0.257)
• 7.0(3)I3(1)
• 7.0(3)I4(0.8)
• 7.0(3)I4(1)
• 7.0(3)I4(9)
• 7.0(3)I7(4)

License

• commercial

Support

• end of life (old version)

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion