Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2024-1949
Vulnerability from csaf_certbund - Published: 2024-08-28 22:00 - Updated: 2024-08-28 22:00Summary
Cisco NX-OS: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Cisco NX-OS ist ein Data Center Netzwerk-Betriebssystem für virtualisierte Rechenzentren. NX-OS wurde für Ethernet Switches der Nexus Serie und Fibre Channel Storage Area Network Swiches der MDS Serie entwickelt.
Angriff: Ein lokaler oder entfernter, anonymer Angreifer kann mehrere Schwachstellen in Cisco NX-OS ausnutzen, um beliebigen Programmcode auszuführen, erweiterte Rechte zu erlangen und einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme: - CISCO Appliance
Es bestehen mehrere Schwachstellen in Cisco NX-OS. Diese Fehler betreffen den Python-Interpreter aufgrund einer unzureichenden Validierung der vom Benutzer bereitgestellten Eingaben, wodurch die Python-Sandbox umgangen werden kann. Ein lokaler Angreifer mit Ausführungsrechten für Python kann diese Schwachstellen ausnutzen, um beliebigen Code mit den Rechten des authentifizierten Benutzers auszuführen.
Es bestehen mehrere Schwachstellen in Cisco NX-OS. Diese Fehler betreffen den Python-Interpreter aufgrund einer unzureichenden Validierung der vom Benutzer bereitgestellten Eingaben, wodurch die Python-Sandbox umgangen werden kann. Ein lokaler Angreifer mit Ausführungsrechten für Python kann diese Schwachstellen ausnutzen, um beliebigen Code mit den Rechten des authentifizierten Benutzers auszuführen.
Es bestehen mehrere Schwachstellen in Cisco NX-OS. Diese Fehler betreffen den Python-Interpreter aufgrund einer unzureichenden Validierung der vom Benutzer bereitgestellten Eingaben, wodurch die Python-Sandbox umgangen werden kann. Ein lokaler Angreifer mit Ausführungsrechten für Python kann diese Schwachstellen ausnutzen, um beliebigen Code mit den Rechten des authentifizierten Benutzers auszuführen.
Es besteht eine Schwachstelle in Cisco NX-OS. Dieser Fehler betrifft die CLI aufgrund einer unzureichenden Validierung von Argumenten für einen bestimmten Befehl, wodurch manipulierte Eingaben als Argument an den Befehl übergeben werden können. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code mit den Rechten des aktuell angemeldeten Benutzers auszuführen.
Es besteht eine Schwachstelle in Cisco NX-OS. Diese Schwachstelle besteht aufgrund unzureichender Sicherheitseinschränkungen bei der Ausführung von Befehlen aus der Bash-Shell. Ein lokaler Angreifer mit bestimmten Privilegien kann diese Schwachstelle ausnutzen, um beliebigen Code mit Root-Rechten auszuführen.
Es besteht eine Schwachstelle in Cisco NX-OS aufgrund unzureichender Sicherheitsbeschränkungen beim Ausführen von Anwendungsargumenten aus der Bash-Shell, wodurch ein neuer Benutzer mit den Rechten eines Netzwerkadministrators erstellt werden kann. Ein lokaler Angreifer mit bestimmten Privilegien kann diese Sicherheitslücke ausnutzen, um erweiterte Rechte zu erlangen.
Es besteht eine Schwachstelle in Cisco NX-OS. Diese Sicherheitslücke betrifft den DHCPv6-Relay-Agent aufgrund einer unsachgemäßen Behandlung bestimmter Felder in einer RELAY-REPLY- Message, wodurch der dhcp_snoop-Prozess zum Absturz gebracht und neu gestartet wird. Durch das Senden eines manipulierten DHCPv6-Pakets kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.
References
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Cisco NX-OS ist ein Data Center Netzwerk-Betriebssystem f\u00fcr virtualisierte Rechenzentren. NX-OS wurde f\u00fcr Ethernet Switches der Nexus Serie und Fibre Channel Storage Area Network Swiches der MDS Serie entwickelt.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler oder entfernter, anonymer Angreifer kann mehrere Schwachstellen in Cisco NX-OS ausnutzen, um beliebigen Programmcode auszuf\u00fchren, erweiterte Rechte zu erlangen und einen Denial-of-Service-Zustand zu erzeugen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- CISCO Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1949 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1949.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1949 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1949"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-nxos-bshacepe-bApeHSx7 vom 2024-08-28",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-bshacepe-bApeHSx7"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-nxos-cmdinj-Lq6jsZhH vom 2024-08-28",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmdinj-Lq6jsZhH"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-nxos-dhcp6-relay-dos-znEAA6xn vom 2024-08-28",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dhcp6-relay-dos-znEAA6xn"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-nxos-psbe-ce-YvbTn5du vom 2024-08-28",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du"
}
],
"source_lang": "en-US",
"title": "Cisco NX-OS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-08-28T22:00:00.000+00:00",
"generator": {
"date": "2024-08-29T09:09:45.815+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.6"
}
},
"id": "WID-SEC-W-2024-1949",
"initial_release_date": "2024-08-28T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-08-28T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Cisco MDS 9000",
"product": {
"name": "Cisco MDS 9000",
"product_id": "T001069",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:mds_9000:-"
}
}
},
{
"category": "product_name",
"name": "Cisco NX-OS",
"product": {
"name": "Cisco NX-OS",
"product_id": "T035723",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:nx-os:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "3000",
"product": {
"name": "Cisco Nexus 3000",
"product_id": "T003851",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus:3000"
}
}
},
{
"category": "product_version",
"name": "9000",
"product": {
"name": "Cisco Nexus 9000",
"product_id": "T003853",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus:9000"
}
}
},
{
"category": "product_version",
"name": "7000",
"product": {
"name": "Cisco Nexus 7000",
"product_id": "T009516",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus:7000"
}
}
},
{
"category": "product_version",
"name": "5500",
"product": {
"name": "Cisco Nexus 5500",
"product_id": "T010049",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus:5500"
}
}
},
{
"category": "product_version",
"name": "5600",
"product": {
"name": "Cisco Nexus 5600",
"product_id": "T010052",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus:5600"
}
}
},
{
"category": "product_version",
"name": "6000",
"product": {
"name": "Cisco Nexus 6000",
"product_id": "T026491",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus:6000"
}
}
}
],
"category": "product_name",
"name": "Nexus"
},
{
"branches": [
{
"category": "product_version",
"name": "6400",
"product": {
"name": "Cisco Unified Computing System (UCS) 6400",
"product_id": "T013716",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:unified_computing_system:6400"
}
}
},
{
"category": "product_version",
"name": "6500",
"product": {
"name": "Cisco Unified Computing System (UCS) 6500",
"product_id": "T037182",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:unified_computing_system:6500"
}
}
}
],
"category": "product_name",
"name": "Unified Computing System (UCS)"
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-20284",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Cisco NX-OS. Diese Fehler betreffen den Python-Interpreter aufgrund einer unzureichenden Validierung der vom Benutzer bereitgestellten Eingaben, wodurch die Python-Sandbox umgangen werden kann. Ein lokaler Angreifer mit Ausf\u00fchrungsrechten f\u00fcr Python kann diese Schwachstellen ausnutzen, um beliebigen Code mit den Rechten des authentifizierten Benutzers auszuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T013716",
"T026491",
"T035723",
"T003851",
"T009516",
"T003853",
"T010049",
"T037182",
"T001069",
"T010052"
]
},
"release_date": "2024-08-28T22:00:00.000+00:00",
"title": "CVE-2024-20284"
},
{
"cve": "CVE-2024-20285",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Cisco NX-OS. Diese Fehler betreffen den Python-Interpreter aufgrund einer unzureichenden Validierung der vom Benutzer bereitgestellten Eingaben, wodurch die Python-Sandbox umgangen werden kann. Ein lokaler Angreifer mit Ausf\u00fchrungsrechten f\u00fcr Python kann diese Schwachstellen ausnutzen, um beliebigen Code mit den Rechten des authentifizierten Benutzers auszuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T013716",
"T026491",
"T035723",
"T003851",
"T009516",
"T003853",
"T010049",
"T037182",
"T001069",
"T010052"
]
},
"release_date": "2024-08-28T22:00:00.000+00:00",
"title": "CVE-2024-20285"
},
{
"cve": "CVE-2024-20286",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Cisco NX-OS. Diese Fehler betreffen den Python-Interpreter aufgrund einer unzureichenden Validierung der vom Benutzer bereitgestellten Eingaben, wodurch die Python-Sandbox umgangen werden kann. Ein lokaler Angreifer mit Ausf\u00fchrungsrechten f\u00fcr Python kann diese Schwachstellen ausnutzen, um beliebigen Code mit den Rechten des authentifizierten Benutzers auszuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T013716",
"T026491",
"T035723",
"T003851",
"T009516",
"T003853",
"T010049",
"T037182",
"T001069",
"T010052"
]
},
"release_date": "2024-08-28T22:00:00.000+00:00",
"title": "CVE-2024-20286"
},
{
"cve": "CVE-2024-20289",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Cisco NX-OS. Dieser Fehler betrifft die CLI aufgrund einer unzureichenden Validierung von Argumenten f\u00fcr einen bestimmten Befehl, wodurch manipulierte Eingaben als Argument an den Befehl \u00fcbergeben werden k\u00f6nnen. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code mit den Rechten des aktuell angemeldeten Benutzers auszuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T013716",
"T026491",
"T035723",
"T003851",
"T009516",
"T003853",
"T010049",
"T037182",
"T001069",
"T010052"
]
},
"release_date": "2024-08-28T22:00:00.000+00:00",
"title": "CVE-2024-20289"
},
{
"cve": "CVE-2024-20411",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Cisco NX-OS. Diese Schwachstelle besteht aufgrund unzureichender Sicherheitseinschr\u00e4nkungen bei der Ausf\u00fchrung von Befehlen aus der Bash-Shell. Ein lokaler Angreifer mit bestimmten Privilegien kann diese Schwachstelle ausnutzen, um beliebigen Code mit Root-Rechten auszuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T013716",
"T026491",
"T035723",
"T003851",
"T009516",
"T003853",
"T010049",
"T037182",
"T001069",
"T010052"
]
},
"release_date": "2024-08-28T22:00:00.000+00:00",
"title": "CVE-2024-20411"
},
{
"cve": "CVE-2024-20413",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Cisco NX-OS aufgrund unzureichender Sicherheitsbeschr\u00e4nkungen beim Ausf\u00fchren von Anwendungsargumenten aus der Bash-Shell, wodurch ein neuer Benutzer mit den Rechten eines Netzwerkadministrators erstellt werden kann. Ein lokaler Angreifer mit bestimmten Privilegien kann diese Sicherheitsl\u00fccke ausnutzen, um erweiterte Rechte zu erlangen."
}
],
"product_status": {
"known_affected": [
"T013716",
"T026491",
"T035723",
"T003851",
"T009516",
"T003853",
"T010049",
"T037182",
"T001069",
"T010052"
]
},
"release_date": "2024-08-28T22:00:00.000+00:00",
"title": "CVE-2024-20413"
},
{
"cve": "CVE-2024-20446",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Cisco NX-OS. Diese Sicherheitsl\u00fccke betrifft den DHCPv6-Relay-Agent aufgrund einer unsachgem\u00e4\u00dfen Behandlung bestimmter Felder in einer RELAY-REPLY- Message, wodurch der dhcp_snoop-Prozess zum Absturz gebracht und neu gestartet wird. Durch das Senden eines manipulierten DHCPv6-Pakets kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T013716",
"T026491",
"T035723",
"T003851",
"T009516",
"T003853",
"T010049",
"T037182",
"T001069",
"T010052"
]
},
"release_date": "2024-08-28T22:00:00.000+00:00",
"title": "CVE-2024-20446"
}
]
}
CVE-2024-20413 (GCVE-0-2024-20413)
Vulnerability from cvelistv5 – Published: 2024-08-28 16:27 – Updated: 2024-08-30 03:56
VLAI?
EPSS
Title
Cisco NX-OS Bash Privilege Escalation Vulnerability
Summary
A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to elevate privileges to network-admin on an affected device.
This vulnerability is due to insufficient security restrictions when executing application arguments from the Bash shell. An attacker with privileges to access the Bash shell could exploit this vulnerability by executing crafted commands on the underlying operating system. A successful exploit could allow the attacker to create new users with the privileges of network-admin.
Severity ?
6.7 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Affected:
9.2(3)
Affected: 7.0(3)I5(2) Affected: 6.0(2)A8(7a) Affected: 7.0(3)I4(5) Affected: 6.0(2)A6(1) Affected: 7.0(3)I4(6) Affected: 7.0(3)I4(3) Affected: 9.2(2v) Affected: 6.0(2)A6(5b) Affected: 7.0(3)I4(7) Affected: 6.0(2)U6(1a) Affected: 7.0(3)I4(1) Affected: 7.0(3)I4(8) Affected: 7.0(3)I4(2) Affected: 7.0(3)IM3(1) Affected: 6.0(2)U6(5a) Affected: 6.0(2)A8(11) Affected: 6.0(2)A6(4a) Affected: 9.2(1) Affected: 9.2(2t) Affected: 9.2(3y) Affected: 7.0(3)I4(1t) Affected: 6.0(2)U6(5c) Affected: 6.0(2)A6(4) Affected: 7.0(3)I7(6z) Affected: 9.3(2) Affected: 7.0(3)F3(3) Affected: 6.0(2)U6(6) Affected: 7.0(3)I7(3z) Affected: 7.0(3)IM7(2) Affected: 6.0(2)A8(11b) Affected: 7.0(3)I7(5a) Affected: 7.0(3)I6(1) Affected: 6.0(2)U6(10) Affected: 7.0(3)IM3(2) Affected: 6.0(2)A6(8) Affected: 6.0(2)U6(1) Affected: 7.0(3)I5(3b) Affected: 6.0(2)A6(2a) Affected: 6.0(2)U6(7) Affected: 9.2(4) Affected: 7.0(3)IM3(2a) Affected: 6.0(2)A8(10) Affected: 6.0(2)A8(2) Affected: 7.0(3)IC4(4) Affected: 6.0(2)A6(3) Affected: 6.0(2)U6(5b) Affected: 7.0(3)F3(3c) Affected: 7.0(3)F3(1) Affected: 6.0(2)U6(5) Affected: 7.0(3)F3(5) Affected: 6.0(2)A6(7) Affected: 7.0(3)I7(2) Affected: 6.0(2)A6(5) Affected: 7.0(3)IM3(2b) Affected: 6.0(2)U6(4a) Affected: 7.0(3)I5(3) Affected: 7.0(3)I7(3) Affected: 6.0(2)A8(6) Affected: 7.0(3)I6(2) Affected: 6.0(2)A8(5) Affected: 6.0(2)U6(8) Affected: 7.0(3)IM3(3) Affected: 9.3(1) Affected: 6.0(2)U6(2) Affected: 6.0(2)A8(7) Affected: 7.0(3)I7(6) Affected: 6.0(2)U6(3a) Affected: 6.0(2)A8(11a) Affected: 7.0(3)I4(8z) Affected: 7.0(3)I4(9) Affected: 7.0(3)I7(4) Affected: 7.0(3)I7(7) Affected: 6.0(2)A8(9) Affected: 6.0(2)A8(1) Affected: 6.0(2)A6(6) Affected: 6.0(2)A8(10a) Affected: 7.0(3)I5(1) Affected: 9.3(1z) Affected: 9.2(2) Affected: 7.0(3)F3(4) Affected: 7.0(3)I4(8b) Affected: 6.0(2)A8(3) Affected: 7.0(3)I4(6t) Affected: 7.0(3)I5(3a) Affected: 6.0(2)A8(8) Affected: 7.0(3)I7(5) Affected: 7.0(3)F3(3a) Affected: 6.0(2)A8(4) Affected: 6.0(2)A6(3a) Affected: 6.0(2)A6(5a) Affected: 7.0(3)F2(1) Affected: 7.0(3)I4(8a) Affected: 6.0(2)U6(9) Affected: 7.0(3)F3(2) Affected: 6.0(2)U6(2a) Affected: 7.0(3)I4(4) Affected: 6.0(2)U6(3) Affected: 7.0(3)I7(1) Affected: 7.0(3)F2(2) Affected: 7.0(3)IA7(2) Affected: 7.0(3)IA7(1) Affected: 6.0(2)A8(7b) Affected: 7.0(3)F1(1) Affected: 6.0(2)A6(1a) Affected: 6.0(2)A6(2) Affected: 6.0(2)A8(4a) Affected: 6.0(2)U6(4) Affected: 9.3(3) Affected: 7.0(3)I7(8) Affected: 6.0(2)U6(10a) Affected: 9.3(4) Affected: 9.3(5) Affected: 7.0(3)I7(9) Affected: 9.3(6) Affected: 10.1(2) Affected: 10.1(1) Affected: 9.3(5w) Affected: 9.3(7) Affected: 9.3(7k) Affected: 7.0(3)I7(9w) Affected: 10.2(1) Affected: 9.3(7a) Affected: 9.3(8) Affected: 7.0(3)I7(10) Affected: 10.2(1q) Affected: 10.2(2) Affected: 9.3(9) Affected: 10.1(2t) Affected: 10.2(3) Affected: 10.2(3t) Affected: 9.3(10) Affected: 10.2(2a) Affected: 10.3(1) Affected: 10.2(4) Affected: 10.3(2) Affected: 9.3(11) Affected: 10.3(3) Affected: 10.2(5) Affected: 9.3(12) Affected: 10.2(3v) Affected: 10.4(1) Affected: 10.3(99w) Affected: 10.2(6) Affected: 10.3(3w) Affected: 10.3(99x) Affected: 10.3(3o) Affected: 10.3(4) Affected: 10.3(3p) Affected: 10.3(4a) Affected: 10.4(2) Affected: 10.3(3q) Affected: 9.3(13) Affected: 10.3(5) Affected: 10.2(7) Affected: 10.4(3) Affected: 10.3(3x) Affected: 10.3(4g) Affected: 10.3(3r) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(2v\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(2t\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(3y\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1t\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5c\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6z\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3z\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im7\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ic4\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3c\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8z\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(1z\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6t\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ia7\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ia7\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.1\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(5w\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(7k\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(9w\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(7a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(1q\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.1\\(2t\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(3t\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(11\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(12\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(3v\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.4\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(99w\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3w\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(99x\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3o\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3p\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.4\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3q\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(13\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3x\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(4g\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3r\\):*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nx-os",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "9.2\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i5\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(7a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(5\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(6\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(3\\)"
},
{
"status": "affected",
"version": "9.2\\(2v\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(5b\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(7\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(1a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(8\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)im3\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(5a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(11\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(4a\\)"
},
{
"status": "affected",
"version": "9.2\\(1\\)"
},
{
"status": "affected",
"version": "9.2\\(2t\\)"
},
{
"status": "affected",
"version": "9.2\\(3y\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(1t\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(5c\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(4\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(6z\\)"
},
{
"status": "affected",
"version": "9.3\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f3\\(3\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(6\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(3z\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)im7\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(11b\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(5a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i6\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(10\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)im3\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(8\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i5\\(3b\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(2a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(7\\)"
},
{
"status": "affected",
"version": "9.2\\(4\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)im3\\(2a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(10\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)ic4\\(4\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(3\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(5b\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f3\\(3c\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f3\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(5\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f3\\(5\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(7\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(5\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)im3\\(2b\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(4a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i5\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(3\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(6\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i6\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(5\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(8\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)im3\\(3\\)"
},
{
"status": "affected",
"version": "9.3\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(7\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(6\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(3a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(11a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(8z\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(9\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(4\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(7\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(9\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(6\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(10a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i5\\(1\\)"
},
{
"status": "affected",
"version": "9.3\\(1z\\)"
},
{
"status": "affected",
"version": "9.2\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f3\\(4\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(8b\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(6t\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i5\\(3a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(8\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(5\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f3\\(3a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(4\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(3a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(5a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f2\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(8a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(9\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f3\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(2a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(4\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f2\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)ia7\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)ia7\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(7b\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f1\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(1a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(4a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(4\\)"
},
{
"status": "affected",
"version": "9.3\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(8\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(10a\\)"
},
{
"status": "affected",
"version": "9.3\\(4\\)"
},
{
"status": "affected",
"version": "9.3\\(5\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(9\\)"
},
{
"status": "affected",
"version": "9.3\\(6\\)"
},
{
"status": "affected",
"version": "10.1\\(2\\)"
},
{
"status": "affected",
"version": "10.1\\(1\\)"
},
{
"status": "affected",
"version": "9.3\\(5w\\)"
},
{
"status": "affected",
"version": "9.3\\(7\\)"
},
{
"status": "affected",
"version": "9.3\\(7k\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(9w\\)"
},
{
"status": "affected",
"version": "10.2\\(1\\)"
},
{
"status": "affected",
"version": "9.3\\(7a\\)"
},
{
"status": "affected",
"version": "9.3\\(8\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(10\\)"
},
{
"status": "affected",
"version": "10.2\\(1q\\)"
},
{
"status": "affected",
"version": "10.2\\(2\\)"
},
{
"status": "affected",
"version": "9.3\\(9\\)"
},
{
"status": "affected",
"version": "10.1\\(2t\\)"
},
{
"status": "affected",
"version": "10.2\\(3\\)"
},
{
"status": "affected",
"version": "10.2\\(3t\\)"
},
{
"status": "affected",
"version": "9.3\\(10\\)"
},
{
"status": "affected",
"version": "10.2\\(2a\\)"
},
{
"status": "affected",
"version": "10.3\\(1\\)"
},
{
"status": "affected",
"version": "10.2\\(4\\)"
},
{
"status": "affected",
"version": "10.3\\(2\\)"
},
{
"status": "affected",
"version": "9.3\\(11\\)"
},
{
"status": "affected",
"version": "10.3\\(3\\)"
},
{
"status": "affected",
"version": "10.2\\(5\\)"
},
{
"status": "affected",
"version": "9.3\\(12\\)"
},
{
"status": "affected",
"version": "10.2\\(3v\\)"
},
{
"status": "affected",
"version": "10.4\\(1\\)"
},
{
"status": "affected",
"version": "10.3\\(99w\\)"
},
{
"status": "affected",
"version": "10.2\\(6\\)"
},
{
"status": "affected",
"version": "10.3\\(3w\\)"
},
{
"status": "affected",
"version": "10.3\\(99x\\)"
},
{
"status": "affected",
"version": "10.3\\(3o\\)"
},
{
"status": "affected",
"version": "10.3\\(4\\)"
},
{
"status": "affected",
"version": "10.3\\(3p\\)"
},
{
"status": "affected",
"version": "10.3\\(4a\\)"
},
{
"status": "affected",
"version": "10.4\\(2\\)"
},
{
"status": "affected",
"version": "10.3\\(3q\\)"
},
{
"status": "affected",
"version": "9.3\\(13\\)"
},
{
"status": "affected",
"version": "10.2\\(7\\)"
},
{
"status": "affected",
"version": "10.3\\(3x\\)"
},
{
"status": "affected",
"version": "10.3\\(4g\\)"
},
{
"status": "affected",
"version": "10.3\\(3r\\)"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20413",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T03:56:03.888Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.2(3)"
},
{
"status": "affected",
"version": "7.0(3)I5(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(7a)"
},
{
"status": "affected",
"version": "7.0(3)I4(5)"
},
{
"status": "affected",
"version": "6.0(2)A6(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(6)"
},
{
"status": "affected",
"version": "7.0(3)I4(3)"
},
{
"status": "affected",
"version": "9.2(2v)"
},
{
"status": "affected",
"version": "6.0(2)A6(5b)"
},
{
"status": "affected",
"version": "7.0(3)I4(7)"
},
{
"status": "affected",
"version": "6.0(2)U6(1a)"
},
{
"status": "affected",
"version": "7.0(3)I4(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8)"
},
{
"status": "affected",
"version": "7.0(3)I4(2)"
},
{
"status": "affected",
"version": "7.0(3)IM3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5a)"
},
{
"status": "affected",
"version": "6.0(2)A8(11)"
},
{
"status": "affected",
"version": "6.0(2)A6(4a)"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.2(2t)"
},
{
"status": "affected",
"version": "9.2(3y)"
},
{
"status": "affected",
"version": "7.0(3)I4(1t)"
},
{
"status": "affected",
"version": "6.0(2)U6(5c)"
},
{
"status": "affected",
"version": "6.0(2)A6(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(6z)"
},
{
"status": "affected",
"version": "9.3(2)"
},
{
"status": "affected",
"version": "7.0(3)F3(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(6)"
},
{
"status": "affected",
"version": "7.0(3)I7(3z)"
},
{
"status": "affected",
"version": "7.0(3)IM7(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(11b)"
},
{
"status": "affected",
"version": "7.0(3)I7(5a)"
},
{
"status": "affected",
"version": "7.0(3)I6(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(10)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(8)"
},
{
"status": "affected",
"version": "6.0(2)U6(1)"
},
{
"status": "affected",
"version": "7.0(3)I5(3b)"
},
{
"status": "affected",
"version": "6.0(2)A6(2a)"
},
{
"status": "affected",
"version": "6.0(2)U6(7)"
},
{
"status": "affected",
"version": "9.2(4)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2a)"
},
{
"status": "affected",
"version": "6.0(2)A8(10)"
},
{
"status": "affected",
"version": "6.0(2)A8(2)"
},
{
"status": "affected",
"version": "7.0(3)IC4(4)"
},
{
"status": "affected",
"version": "6.0(2)A6(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(5b)"
},
{
"status": "affected",
"version": "7.0(3)F3(3c)"
},
{
"status": "affected",
"version": "7.0(3)F3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(5)"
},
{
"status": "affected",
"version": "6.0(2)A6(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(5)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2b)"
},
{
"status": "affected",
"version": "6.0(2)U6(4a)"
},
{
"status": "affected",
"version": "7.0(3)I5(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(3)"
},
{
"status": "affected",
"version": "6.0(2)A8(6)"
},
{
"status": "affected",
"version": "7.0(3)I6(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(5)"
},
{
"status": "affected",
"version": "6.0(2)U6(8)"
},
{
"status": "affected",
"version": "7.0(3)IM3(3)"
},
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(6)"
},
{
"status": "affected",
"version": "6.0(2)U6(3a)"
},
{
"status": "affected",
"version": "6.0(2)A8(11a)"
},
{
"status": "affected",
"version": "7.0(3)I4(8z)"
},
{
"status": "affected",
"version": "7.0(3)I4(9)"
},
{
"status": "affected",
"version": "7.0(3)I7(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(7)"
},
{
"status": "affected",
"version": "6.0(2)A8(9)"
},
{
"status": "affected",
"version": "6.0(2)A8(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(6)"
},
{
"status": "affected",
"version": "6.0(2)A8(10a)"
},
{
"status": "affected",
"version": "7.0(3)I5(1)"
},
{
"status": "affected",
"version": "9.3(1z)"
},
{
"status": "affected",
"version": "9.2(2)"
},
{
"status": "affected",
"version": "7.0(3)F3(4)"
},
{
"status": "affected",
"version": "7.0(3)I4(8b)"
},
{
"status": "affected",
"version": "6.0(2)A8(3)"
},
{
"status": "affected",
"version": "7.0(3)I4(6t)"
},
{
"status": "affected",
"version": "7.0(3)I5(3a)"
},
{
"status": "affected",
"version": "6.0(2)A8(8)"
},
{
"status": "affected",
"version": "7.0(3)I7(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(3a)"
},
{
"status": "affected",
"version": "6.0(2)A8(4)"
},
{
"status": "affected",
"version": "6.0(2)A6(3a)"
},
{
"status": "affected",
"version": "6.0(2)A6(5a)"
},
{
"status": "affected",
"version": "7.0(3)F2(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8a)"
},
{
"status": "affected",
"version": "6.0(2)U6(9)"
},
{
"status": "affected",
"version": "7.0(3)F3(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(2a)"
},
{
"status": "affected",
"version": "7.0(3)I4(4)"
},
{
"status": "affected",
"version": "6.0(2)U6(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(1)"
},
{
"status": "affected",
"version": "7.0(3)F2(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7b)"
},
{
"status": "affected",
"version": "7.0(3)F1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(1a)"
},
{
"status": "affected",
"version": "6.0(2)A6(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(4a)"
},
{
"status": "affected",
"version": "6.0(2)U6(4)"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(8)"
},
{
"status": "affected",
"version": "6.0(2)U6(10a)"
},
{
"status": "affected",
"version": "9.3(4)"
},
{
"status": "affected",
"version": "9.3(5)"
},
{
"status": "affected",
"version": "7.0(3)I7(9)"
},
{
"status": "affected",
"version": "9.3(6)"
},
{
"status": "affected",
"version": "10.1(2)"
},
{
"status": "affected",
"version": "10.1(1)"
},
{
"status": "affected",
"version": "9.3(5w)"
},
{
"status": "affected",
"version": "9.3(7)"
},
{
"status": "affected",
"version": "9.3(7k)"
},
{
"status": "affected",
"version": "7.0(3)I7(9w)"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "9.3(7a)"
},
{
"status": "affected",
"version": "9.3(8)"
},
{
"status": "affected",
"version": "7.0(3)I7(10)"
},
{
"status": "affected",
"version": "10.2(1q)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "9.3(9)"
},
{
"status": "affected",
"version": "10.1(2t)"
},
{
"status": "affected",
"version": "10.2(3)"
},
{
"status": "affected",
"version": "10.2(3t)"
},
{
"status": "affected",
"version": "9.3(10)"
},
{
"status": "affected",
"version": "10.2(2a)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.2(4)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "9.3(11)"
},
{
"status": "affected",
"version": "10.3(3)"
},
{
"status": "affected",
"version": "10.2(5)"
},
{
"status": "affected",
"version": "9.3(12)"
},
{
"status": "affected",
"version": "10.2(3v)"
},
{
"status": "affected",
"version": "10.4(1)"
},
{
"status": "affected",
"version": "10.3(99w)"
},
{
"status": "affected",
"version": "10.2(6)"
},
{
"status": "affected",
"version": "10.3(3w)"
},
{
"status": "affected",
"version": "10.3(99x)"
},
{
"status": "affected",
"version": "10.3(3o)"
},
{
"status": "affected",
"version": "10.3(4)"
},
{
"status": "affected",
"version": "10.3(3p)"
},
{
"status": "affected",
"version": "10.3(4a)"
},
{
"status": "affected",
"version": "10.4(2)"
},
{
"status": "affected",
"version": "10.3(3q)"
},
{
"status": "affected",
"version": "9.3(13)"
},
{
"status": "affected",
"version": "10.3(5)"
},
{
"status": "affected",
"version": "10.2(7)"
},
{
"status": "affected",
"version": "10.4(3)"
},
{
"status": "affected",
"version": "10.3(3x)"
},
{
"status": "affected",
"version": "10.3(4g)"
},
{
"status": "affected",
"version": "10.3(3r)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to elevate privileges to network-admin on an affected device.\r\n\r\nThis vulnerability is due to insufficient security restrictions when executing application arguments from the Bash shell. An attacker with privileges to access the Bash shell could exploit this vulnerability by executing crafted commands on the underlying operating system. A successful exploit could allow the attacker to create new users with the privileges of network-admin."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:27:29.365Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nxos-bshacepe-bApeHSx7",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-bshacepe-bApeHSx7"
}
],
"source": {
"advisory": "cisco-sa-nxos-bshacepe-bApeHSx7",
"defects": [
"CSCwh77783"
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Bash Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20413",
"datePublished": "2024-08-28T16:27:29.365Z",
"dateReserved": "2023-11-08T15:08:07.663Z",
"dateUpdated": "2024-08-30T03:56:03.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20286 (GCVE-0-2024-20286)
Vulnerability from cvelistv5 – Published: 2024-08-28 16:37 – Updated: 2024-08-28 17:23
VLAI?
EPSS
Title
Cisco NX-OS Software Python Parser Escape Vulnerability
Summary
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.
The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.
Severity ?
5.3 (Medium)
CWE
- CWE-693 - Protection Mechanism Failure
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Affected:
8.2(5)
Affected: 7.3(5)D1(1) Affected: 8.4(2) Affected: 6.2(2) Affected: 8.4(3) Affected: 9.2(3) Affected: 7.0(3)I5(2) Affected: 8.2(1) Affected: 6.0(2)A8(7a) Affected: 7.0(3)I4(5) Affected: 6.0(2)A6(1) Affected: 7.3(1)D1(1) Affected: 6.2(14a) Affected: 7.0(3)I4(6) Affected: 7.0(3)I4(3) Affected: 9.2(2v) Affected: 6.0(2)A6(5b) Affected: 7.3(0)D1(1) Affected: 6.2(17a) Affected: 7.0(3)I4(7) Affected: 6.0(2)U6(1a) Affected: 7.0(3)I4(1) Affected: 7.0(3)I4(8) Affected: 7.0(3)I4(2) Affected: 7.0(3)IM3(1) Affected: 6.0(2)U6(5a) Affected: 6.0(2)A8(11) Affected: 6.0(2)A6(4a) Affected: 6.2(9) Affected: 6.2(5) Affected: 7.3(4)D1(1) Affected: 6.2(20) Affected: 9.2(1) Affected: 9.2(2t) Affected: 9.2(3y) Affected: 7.0(3)I4(1t) Affected: 6.0(2)U6(5c) Affected: 6.0(2)A6(4) Affected: 7.0(3)I7(6z) Affected: 9.3(2) Affected: 7.3(1)DY(1) Affected: 7.0(3)F3(3) Affected: 6.0(2)U6(6) Affected: 6.2(29) Affected: 7.0(3)I7(3z) Affected: 7.0(3)IM7(2) Affected: 6.0(2)A8(11b) Affected: 6.2(9a) Affected: 7.0(3)I7(5a) Affected: 6.2(11d) Affected: 8.1(1) Affected: 7.0(3)I6(1) Affected: 6.0(2)U6(10) Affected: 7.2(2)D1(2) Affected: 7.0(3)IM3(2) Affected: 6.0(2)A6(8) Affected: 8.2(2) Affected: 6.0(2)U6(1) Affected: 7.0(3)I5(3b) Affected: 8.3(2) Affected: 6.0(2)A6(2a) Affected: 6.2(27) Affected: 7.3(2)D1(3a) Affected: 6.0(2)U6(7) Affected: 9.2(4) Affected: 7.0(3)IM3(2a) Affected: 6.2(8b) Affected: 6.0(2)A8(10) Affected: 6.2(13) Affected: 6.0(2)A8(2) Affected: 7.0(3)IC4(4) Affected: 6.2(1) Affected: 8.1(2) Affected: 6.0(2)A6(3) Affected: 6.0(2)U6(5b) Affected: 7.0(3)F3(3c) Affected: 7.3(3)D1(1) Affected: 7.0(3)F3(1) Affected: 6.0(2)U6(5) Affected: 7.0(3)F3(5) Affected: 8.2(3) Affected: 6.0(2)A6(7) Affected: 7.0(3)I7(2) Affected: 6.2(5a) Affected: 6.2(18) Affected: 6.0(2)A6(5) Affected: 7.0(3)IM3(2b) Affected: 6.0(2)U6(4a) Affected: 7.0(3)I5(3) Affected: 7.0(3)I7(3) Affected: 6.0(2)A8(6) Affected: 7.0(3)I6(2) Affected: 8.3(1) Affected: 6.2(3) Affected: 6.2(22) Affected: 8.4(1) Affected: 8.1(1b) Affected: 7.2(2)D1(4) Affected: 6.0(2)A8(5) Affected: 7.3(0)DX(1) Affected: 7.3(2)D1(1) Affected: 6.0(2)U6(8) Affected: 7.0(3)IM3(3) Affected: 9.3(1) Affected: 6.0(2)U6(2) Affected: 6.2(9b) Affected: 6.0(2)A8(7) Affected: 7.0(3)I7(6) Affected: 7.3(2)D1(2) Affected: 6.2(25) Affected: 6.0(2)U6(3a) Affected: 8.0(1) Affected: 6.0(2)A8(11a) Affected: 6.2(11e) Affected: 7.0(3)I4(8z) Affected: 6.2(11) Affected: 7.0(3)I4(9) Affected: 6.2(16) Affected: 6.2(19) Affected: 8.2(4) Affected: 6.2(2a) Affected: 7.2(2)D1(3) Affected: 7.0(3)I7(4) Affected: 7.0(3)I7(7) Affected: 6.2(5b) Affected: 7.3(0)DY(1) Affected: 6.0(2)A8(9) Affected: 6.0(2)A8(1) Affected: 7.2(1)D1(1) Affected: 6.2(15) Affected: 6.0(2)A6(6) Affected: 6.0(2)A8(10a) Affected: 7.0(3)I5(1) Affected: 9.3(1z) Affected: 9.2(2) Affected: 6.2(7) Affected: 6.2(9c) Affected: 7.0(3)F3(4) Affected: 6.2(6b) Affected: 7.0(3)I4(8b) Affected: 8.1(2a) Affected: 7.3(2)D1(3) Affected: 6.2(8) Affected: 6.0(2)A8(3) Affected: 6.2(11b) Affected: 7.0(3)I4(6t) Affected: 7.0(3)I5(3a) Affected: 8.1(1a) Affected: 6.2(13a) Affected: 6.0(2)A8(8) Affected: 7.0(3)I7(5) Affected: 7.0(3)F3(3a) Affected: 6.0(2)A8(4) Affected: 6.0(2)A6(3a) Affected: 6.0(2)A6(5a) Affected: 7.0(3)F2(1) Affected: 7.0(3)I4(8a) Affected: 6.0(2)U6(9) Affected: 7.0(3)F3(2) Affected: 6.0(2)U6(2a) Affected: 6.2(12) Affected: 6.2(17) Affected: 7.0(3)I4(4) Affected: 6.2(23) Affected: 6.2(13b) Affected: 6.0(2)U6(3) Affected: 6.2(10) Affected: 6.2(6a) Affected: 6.2(6) Affected: 6.2(14) Affected: 7.0(3)I7(1) Affected: 6.2(14b) Affected: 6.2(21) Affected: 7.2(2)D1(1) Affected: 7.0(3)F2(2) Affected: 7.0(3)IA7(2) Affected: 7.0(3)IA7(1) Affected: 6.0(2)A8(7b) Affected: 6.2(8a) Affected: 6.2(11c) Affected: 7.0(3)F1(1) Affected: 6.0(2)A6(1a) Affected: 7.2(0)D1(1) Affected: 6.0(2)A6(2) Affected: 6.0(2)A8(4a) Affected: 6.2(20a) Affected: 6.0(2)U6(4) Affected: 8.4(1a) Affected: 9.3(3) Affected: 7.3(2)D1(1d) Affected: 6.2(24) Affected: 6.2(31) Affected: 7.0(3)I7(8) Affected: 6.0(2)U6(10a) Affected: 9.3(4) Affected: 7.3(6)D1(1) Affected: 6.2(26) Affected: 8.2(6) Affected: 6.2(33) Affected: 9.3(5) Affected: 8.4(2a) Affected: 8.4(2b) Affected: 7.0(3)I7(9) Affected: 6.2(24a) Affected: 8.5(1) Affected: 9.3(6) Affected: 10.1(2) Affected: 10.1(1) Affected: 8.4(4) Affected: 7.3(7)D1(1) Affected: 8.4(2c) Affected: 9.3(5w) Affected: 8.2(7) Affected: 9.3(7) Affected: 9.3(7k) Affected: 7.0(3)I7(9w) Affected: 10.2(1) Affected: 7.3(8)D1(1) Affected: 9.3(7a) Affected: 8.2(7a) Affected: 9.3(8) Affected: 8.4(4a) Affected: 8.4(2d) Affected: 8.4(5) Affected: 7.0(3)I7(10) Affected: 8.2(8) Affected: 10.2(1q) Affected: 10.2(2) Affected: 9.3(9) Affected: 10.1(2t) Affected: 7.3(9)D1(1) Affected: 10.2(3) Affected: 8.4(6) Affected: 10.2(3t) Affected: 8.4(2e) Affected: 9.3(10) Affected: 10.2(2a) Affected: 9.2(1a) Affected: 8.2(9) Affected: 10.3(1) Affected: 10.2(4) Affected: 8.4(7) Affected: 10.3(2) Affected: 8.4(6a) Affected: 9.3(11) Affected: 10.3(3) Affected: 10.2(5) Affected: 9.4(1) Affected: 9.3(2a) Affected: 8.4(2f) Affected: 8.2(10) Affected: 9.3(12) Affected: 10.2(3v) Affected: 10.4(1) Affected: 8.4(8) Affected: 10.3(99w) Affected: 10.2(6) Affected: 10.3(3w) Affected: 10.3(99x) Affected: 10.3(3o) Affected: 8.4(9) Affected: 10.3(4) Affected: 10.3(3p) Affected: 10.3(4a) Affected: 9.4(1a) Affected: 10.4(2) Affected: 10.3(3q) Affected: 9.3(13) Affected: 10.2(7) Affected: 10.3(3x) Affected: 10.3(4g) Affected: 10.3(3r) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20286",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T17:23:47.624528Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:23:56.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.2(5)"
},
{
"status": "affected",
"version": "7.3(5)D1(1)"
},
{
"status": "affected",
"version": "8.4(2)"
},
{
"status": "affected",
"version": "6.2(2)"
},
{
"status": "affected",
"version": "8.4(3)"
},
{
"status": "affected",
"version": "9.2(3)"
},
{
"status": "affected",
"version": "7.0(3)I5(2)"
},
{
"status": "affected",
"version": "8.2(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7a)"
},
{
"status": "affected",
"version": "7.0(3)I4(5)"
},
{
"status": "affected",
"version": "6.0(2)A6(1)"
},
{
"status": "affected",
"version": "7.3(1)D1(1)"
},
{
"status": "affected",
"version": "6.2(14a)"
},
{
"status": "affected",
"version": "7.0(3)I4(6)"
},
{
"status": "affected",
"version": "7.0(3)I4(3)"
},
{
"status": "affected",
"version": "9.2(2v)"
},
{
"status": "affected",
"version": "6.0(2)A6(5b)"
},
{
"status": "affected",
"version": "7.3(0)D1(1)"
},
{
"status": "affected",
"version": "6.2(17a)"
},
{
"status": "affected",
"version": "7.0(3)I4(7)"
},
{
"status": "affected",
"version": "6.0(2)U6(1a)"
},
{
"status": "affected",
"version": "7.0(3)I4(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8)"
},
{
"status": "affected",
"version": "7.0(3)I4(2)"
},
{
"status": "affected",
"version": "7.0(3)IM3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5a)"
},
{
"status": "affected",
"version": "6.0(2)A8(11)"
},
{
"status": "affected",
"version": "6.0(2)A6(4a)"
},
{
"status": "affected",
"version": "6.2(9)"
},
{
"status": "affected",
"version": "6.2(5)"
},
{
"status": "affected",
"version": "7.3(4)D1(1)"
},
{
"status": "affected",
"version": "6.2(20)"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.2(2t)"
},
{
"status": "affected",
"version": "9.2(3y)"
},
{
"status": "affected",
"version": "7.0(3)I4(1t)"
},
{
"status": "affected",
"version": "6.0(2)U6(5c)"
},
{
"status": "affected",
"version": "6.0(2)A6(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(6z)"
},
{
"status": "affected",
"version": "9.3(2)"
},
{
"status": "affected",
"version": "7.3(1)DY(1)"
},
{
"status": "affected",
"version": "7.0(3)F3(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(6)"
},
{
"status": "affected",
"version": "6.2(29)"
},
{
"status": "affected",
"version": "7.0(3)I7(3z)"
},
{
"status": "affected",
"version": "7.0(3)IM7(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(11b)"
},
{
"status": "affected",
"version": "6.2(9a)"
},
{
"status": "affected",
"version": "7.0(3)I7(5a)"
},
{
"status": "affected",
"version": "6.2(11d)"
},
{
"status": "affected",
"version": "8.1(1)"
},
{
"status": "affected",
"version": "7.0(3)I6(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(10)"
},
{
"status": "affected",
"version": "7.2(2)D1(2)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(8)"
},
{
"status": "affected",
"version": "8.2(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(1)"
},
{
"status": "affected",
"version": "7.0(3)I5(3b)"
},
{
"status": "affected",
"version": "8.3(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(2a)"
},
{
"status": "affected",
"version": "6.2(27)"
},
{
"status": "affected",
"version": "7.3(2)D1(3a)"
},
{
"status": "affected",
"version": "6.0(2)U6(7)"
},
{
"status": "affected",
"version": "9.2(4)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2a)"
},
{
"status": "affected",
"version": "6.2(8b)"
},
{
"status": "affected",
"version": "6.0(2)A8(10)"
},
{
"status": "affected",
"version": "6.2(13)"
},
{
"status": "affected",
"version": "6.0(2)A8(2)"
},
{
"status": "affected",
"version": "7.0(3)IC4(4)"
},
{
"status": "affected",
"version": "6.2(1)"
},
{
"status": "affected",
"version": "8.1(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(5b)"
},
{
"status": "affected",
"version": "7.0(3)F3(3c)"
},
{
"status": "affected",
"version": "7.3(3)D1(1)"
},
{
"status": "affected",
"version": "7.0(3)F3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(5)"
},
{
"status": "affected",
"version": "8.2(3)"
},
{
"status": "affected",
"version": "6.0(2)A6(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(2)"
},
{
"status": "affected",
"version": "6.2(5a)"
},
{
"status": "affected",
"version": "6.2(18)"
},
{
"status": "affected",
"version": "6.0(2)A6(5)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2b)"
},
{
"status": "affected",
"version": "6.0(2)U6(4a)"
},
{
"status": "affected",
"version": "7.0(3)I5(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(3)"
},
{
"status": "affected",
"version": "6.0(2)A8(6)"
},
{
"status": "affected",
"version": "7.0(3)I6(2)"
},
{
"status": "affected",
"version": "8.3(1)"
},
{
"status": "affected",
"version": "6.2(3)"
},
{
"status": "affected",
"version": "6.2(22)"
},
{
"status": "affected",
"version": "8.4(1)"
},
{
"status": "affected",
"version": "8.1(1b)"
},
{
"status": "affected",
"version": "7.2(2)D1(4)"
},
{
"status": "affected",
"version": "6.0(2)A8(5)"
},
{
"status": "affected",
"version": "7.3(0)DX(1)"
},
{
"status": "affected",
"version": "7.3(2)D1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(8)"
},
{
"status": "affected",
"version": "7.0(3)IM3(3)"
},
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(2)"
},
{
"status": "affected",
"version": "6.2(9b)"
},
{
"status": "affected",
"version": "6.0(2)A8(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(6)"
},
{
"status": "affected",
"version": "7.3(2)D1(2)"
},
{
"status": "affected",
"version": "6.2(25)"
},
{
"status": "affected",
"version": "6.0(2)U6(3a)"
},
{
"status": "affected",
"version": "8.0(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(11a)"
},
{
"status": "affected",
"version": "6.2(11e)"
},
{
"status": "affected",
"version": "7.0(3)I4(8z)"
},
{
"status": "affected",
"version": "6.2(11)"
},
{
"status": "affected",
"version": "7.0(3)I4(9)"
},
{
"status": "affected",
"version": "6.2(16)"
},
{
"status": "affected",
"version": "6.2(19)"
},
{
"status": "affected",
"version": "8.2(4)"
},
{
"status": "affected",
"version": "6.2(2a)"
},
{
"status": "affected",
"version": "7.2(2)D1(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(7)"
},
{
"status": "affected",
"version": "6.2(5b)"
},
{
"status": "affected",
"version": "7.3(0)DY(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(9)"
},
{
"status": "affected",
"version": "6.0(2)A8(1)"
},
{
"status": "affected",
"version": "7.2(1)D1(1)"
},
{
"status": "affected",
"version": "6.2(15)"
},
{
"status": "affected",
"version": "6.0(2)A6(6)"
},
{
"status": "affected",
"version": "6.0(2)A8(10a)"
},
{
"status": "affected",
"version": "7.0(3)I5(1)"
},
{
"status": "affected",
"version": "9.3(1z)"
},
{
"status": "affected",
"version": "9.2(2)"
},
{
"status": "affected",
"version": "6.2(7)"
},
{
"status": "affected",
"version": "6.2(9c)"
},
{
"status": "affected",
"version": "7.0(3)F3(4)"
},
{
"status": "affected",
"version": "6.2(6b)"
},
{
"status": "affected",
"version": "7.0(3)I4(8b)"
},
{
"status": "affected",
"version": "8.1(2a)"
},
{
"status": "affected",
"version": "7.3(2)D1(3)"
},
{
"status": "affected",
"version": "6.2(8)"
},
{
"status": "affected",
"version": "6.0(2)A8(3)"
},
{
"status": "affected",
"version": "6.2(11b)"
},
{
"status": "affected",
"version": "7.0(3)I4(6t)"
},
{
"status": "affected",
"version": "7.0(3)I5(3a)"
},
{
"status": "affected",
"version": "8.1(1a)"
},
{
"status": "affected",
"version": "6.2(13a)"
},
{
"status": "affected",
"version": "6.0(2)A8(8)"
},
{
"status": "affected",
"version": "7.0(3)I7(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(3a)"
},
{
"status": "affected",
"version": "6.0(2)A8(4)"
},
{
"status": "affected",
"version": "6.0(2)A6(3a)"
},
{
"status": "affected",
"version": "6.0(2)A6(5a)"
},
{
"status": "affected",
"version": "7.0(3)F2(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8a)"
},
{
"status": "affected",
"version": "6.0(2)U6(9)"
},
{
"status": "affected",
"version": "7.0(3)F3(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(2a)"
},
{
"status": "affected",
"version": "6.2(12)"
},
{
"status": "affected",
"version": "6.2(17)"
},
{
"status": "affected",
"version": "7.0(3)I4(4)"
},
{
"status": "affected",
"version": "6.2(23)"
},
{
"status": "affected",
"version": "6.2(13b)"
},
{
"status": "affected",
"version": "6.0(2)U6(3)"
},
{
"status": "affected",
"version": "6.2(10)"
},
{
"status": "affected",
"version": "6.2(6a)"
},
{
"status": "affected",
"version": "6.2(6)"
},
{
"status": "affected",
"version": "6.2(14)"
},
{
"status": "affected",
"version": "7.0(3)I7(1)"
},
{
"status": "affected",
"version": "6.2(14b)"
},
{
"status": "affected",
"version": "6.2(21)"
},
{
"status": "affected",
"version": "7.2(2)D1(1)"
},
{
"status": "affected",
"version": "7.0(3)F2(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7b)"
},
{
"status": "affected",
"version": "6.2(8a)"
},
{
"status": "affected",
"version": "6.2(11c)"
},
{
"status": "affected",
"version": "7.0(3)F1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(1a)"
},
{
"status": "affected",
"version": "7.2(0)D1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(4a)"
},
{
"status": "affected",
"version": "6.2(20a)"
},
{
"status": "affected",
"version": "6.0(2)U6(4)"
},
{
"status": "affected",
"version": "8.4(1a)"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "7.3(2)D1(1d)"
},
{
"status": "affected",
"version": "6.2(24)"
},
{
"status": "affected",
"version": "6.2(31)"
},
{
"status": "affected",
"version": "7.0(3)I7(8)"
},
{
"status": "affected",
"version": "6.0(2)U6(10a)"
},
{
"status": "affected",
"version": "9.3(4)"
},
{
"status": "affected",
"version": "7.3(6)D1(1)"
},
{
"status": "affected",
"version": "6.2(26)"
},
{
"status": "affected",
"version": "8.2(6)"
},
{
"status": "affected",
"version": "6.2(33)"
},
{
"status": "affected",
"version": "9.3(5)"
},
{
"status": "affected",
"version": "8.4(2a)"
},
{
"status": "affected",
"version": "8.4(2b)"
},
{
"status": "affected",
"version": "7.0(3)I7(9)"
},
{
"status": "affected",
"version": "6.2(24a)"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "9.3(6)"
},
{
"status": "affected",
"version": "10.1(2)"
},
{
"status": "affected",
"version": "10.1(1)"
},
{
"status": "affected",
"version": "8.4(4)"
},
{
"status": "affected",
"version": "7.3(7)D1(1)"
},
{
"status": "affected",
"version": "8.4(2c)"
},
{
"status": "affected",
"version": "9.3(5w)"
},
{
"status": "affected",
"version": "8.2(7)"
},
{
"status": "affected",
"version": "9.3(7)"
},
{
"status": "affected",
"version": "9.3(7k)"
},
{
"status": "affected",
"version": "7.0(3)I7(9w)"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "7.3(8)D1(1)"
},
{
"status": "affected",
"version": "9.3(7a)"
},
{
"status": "affected",
"version": "8.2(7a)"
},
{
"status": "affected",
"version": "9.3(8)"
},
{
"status": "affected",
"version": "8.4(4a)"
},
{
"status": "affected",
"version": "8.4(2d)"
},
{
"status": "affected",
"version": "8.4(5)"
},
{
"status": "affected",
"version": "7.0(3)I7(10)"
},
{
"status": "affected",
"version": "8.2(8)"
},
{
"status": "affected",
"version": "10.2(1q)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "9.3(9)"
},
{
"status": "affected",
"version": "10.1(2t)"
},
{
"status": "affected",
"version": "7.3(9)D1(1)"
},
{
"status": "affected",
"version": "10.2(3)"
},
{
"status": "affected",
"version": "8.4(6)"
},
{
"status": "affected",
"version": "10.2(3t)"
},
{
"status": "affected",
"version": "8.4(2e)"
},
{
"status": "affected",
"version": "9.3(10)"
},
{
"status": "affected",
"version": "10.2(2a)"
},
{
"status": "affected",
"version": "9.2(1a)"
},
{
"status": "affected",
"version": "8.2(9)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.2(4)"
},
{
"status": "affected",
"version": "8.4(7)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "8.4(6a)"
},
{
"status": "affected",
"version": "9.3(11)"
},
{
"status": "affected",
"version": "10.3(3)"
},
{
"status": "affected",
"version": "10.2(5)"
},
{
"status": "affected",
"version": "9.4(1)"
},
{
"status": "affected",
"version": "9.3(2a)"
},
{
"status": "affected",
"version": "8.4(2f)"
},
{
"status": "affected",
"version": "8.2(10)"
},
{
"status": "affected",
"version": "9.3(12)"
},
{
"status": "affected",
"version": "10.2(3v)"
},
{
"status": "affected",
"version": "10.4(1)"
},
{
"status": "affected",
"version": "8.4(8)"
},
{
"status": "affected",
"version": "10.3(99w)"
},
{
"status": "affected",
"version": "10.2(6)"
},
{
"status": "affected",
"version": "10.3(3w)"
},
{
"status": "affected",
"version": "10.3(99x)"
},
{
"status": "affected",
"version": "10.3(3o)"
},
{
"status": "affected",
"version": "8.4(9)"
},
{
"status": "affected",
"version": "10.3(4)"
},
{
"status": "affected",
"version": "10.3(3p)"
},
{
"status": "affected",
"version": "10.3(4a)"
},
{
"status": "affected",
"version": "9.4(1a)"
},
{
"status": "affected",
"version": "10.4(2)"
},
{
"status": "affected",
"version": "10.3(3q)"
},
{
"status": "affected",
"version": "9.3(13)"
},
{
"status": "affected",
"version": "10.2(7)"
},
{
"status": "affected",
"version": "10.3(3x)"
},
{
"status": "affected",
"version": "10.3(4g)"
},
{
"status": "affected",
"version": "10.3(3r)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.\u0026nbsp;\r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "Protection Mechanism Failure",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:37:17.319Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nxos-psbe-ce-YvbTn5du",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du"
},
{
"name": "Cisco NX-OS Security with Python",
"url": "https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410"
}
],
"source": {
"advisory": "cisco-sa-nxos-psbe-ce-YvbTn5du",
"defects": [
"CSCwh77781"
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Python Parser Escape Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20286",
"datePublished": "2024-08-28T16:37:17.319Z",
"dateReserved": "2023-11-08T15:08:07.626Z",
"dateUpdated": "2024-08-28T17:23:56.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20411 (GCVE-0-2024-20411)
Vulnerability from cvelistv5 – Published: 2024-08-28 16:27 – Updated: 2024-08-30 03:56
VLAI?
EPSS
Title
Cisco NX-OS Bash Arbitrary Code Execution Vulnerability
Summary
A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to execute arbitrary code as root on an affected device.
This vulnerability is due to insufficient security restrictions when executing commands from the Bash shell. An attacker with privileges to access the Bash shell could exploit this vulnerability by executing a specific crafted command on the underlying operating system. A successful exploit could allow the attacker to execute arbitrary code with the privileges of root.
Severity ?
6.7 (Medium)
CWE
- CWE-267 - Privilege Defined With Unsafe Actions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Affected:
9.2(3)
Affected: 7.0(3)I5(2) Affected: 6.0(2)A8(7a) Affected: 7.0(3)I4(5) Affected: 6.0(2)A6(1) Affected: 7.0(3)I4(6) Affected: 7.0(3)I4(3) Affected: 9.2(2v) Affected: 6.0(2)A6(5b) Affected: 7.0(3)I4(7) Affected: 6.0(2)U6(1a) Affected: 7.0(3)I4(1) Affected: 7.0(3)I4(8) Affected: 7.0(3)I4(2) Affected: 7.0(3)IM3(1) Affected: 6.0(2)U6(5a) Affected: 6.0(2)A8(11) Affected: 6.0(2)A6(4a) Affected: 9.2(1) Affected: 9.2(2t) Affected: 9.2(3y) Affected: 7.0(3)I4(1t) Affected: 6.0(2)U6(5c) Affected: 6.0(2)A6(4) Affected: 7.0(3)I7(6z) Affected: 9.3(2) Affected: 7.0(3)F3(3) Affected: 6.0(2)U6(6) Affected: 7.0(3)I7(3z) Affected: 7.0(3)IM7(2) Affected: 6.0(2)A8(11b) Affected: 7.0(3)I7(5a) Affected: 7.0(3)I6(1) Affected: 6.0(2)U6(10) Affected: 7.0(3)IM3(2) Affected: 6.0(2)A6(8) Affected: 6.0(2)U6(1) Affected: 7.0(3)I5(3b) Affected: 6.0(2)A6(2a) Affected: 6.0(2)U6(7) Affected: 9.2(4) Affected: 7.0(3)IM3(2a) Affected: 6.0(2)A8(10) Affected: 6.0(2)A8(2) Affected: 7.0(3)IC4(4) Affected: 6.0(2)A6(3) Affected: 6.0(2)U6(5b) Affected: 7.0(3)F3(3c) Affected: 7.0(3)F3(1) Affected: 6.0(2)U6(5) Affected: 7.0(3)F3(5) Affected: 6.0(2)A6(7) Affected: 7.0(3)I7(2) Affected: 6.0(2)A6(5) Affected: 7.0(3)IM3(2b) Affected: 6.0(2)U6(4a) Affected: 7.0(3)I5(3) Affected: 7.0(3)I7(3) Affected: 6.0(2)A8(6) Affected: 7.0(3)I6(2) Affected: 6.0(2)A8(5) Affected: 6.0(2)U6(8) Affected: 7.0(3)IM3(3) Affected: 9.3(1) Affected: 6.0(2)U6(2) Affected: 6.0(2)A8(7) Affected: 7.0(3)I7(6) Affected: 6.0(2)U6(3a) Affected: 6.0(2)A8(11a) Affected: 7.0(3)I4(8z) Affected: 7.0(3)I4(9) Affected: 7.0(3)I7(4) Affected: 7.0(3)I7(7) Affected: 6.0(2)A8(9) Affected: 6.0(2)A8(1) Affected: 6.0(2)A6(6) Affected: 6.0(2)A8(10a) Affected: 7.0(3)I5(1) Affected: 9.3(1z) Affected: 9.2(2) Affected: 7.0(3)F3(4) Affected: 7.0(3)I4(8b) Affected: 6.0(2)A8(3) Affected: 7.0(3)I4(6t) Affected: 7.0(3)I5(3a) Affected: 6.0(2)A8(8) Affected: 7.0(3)I7(5) Affected: 7.0(3)F3(3a) Affected: 6.0(2)A8(4) Affected: 6.0(2)A6(3a) Affected: 6.0(2)A6(5a) Affected: 7.0(3)F2(1) Affected: 7.0(3)I4(8a) Affected: 6.0(2)U6(9) Affected: 7.0(3)F3(2) Affected: 6.0(2)U6(2a) Affected: 7.0(3)I4(4) Affected: 6.0(2)U6(3) Affected: 7.0(3)I7(1) Affected: 7.0(3)F2(2) Affected: 7.0(3)IA7(2) Affected: 7.0(3)IA7(1) Affected: 6.0(2)A8(7b) Affected: 7.0(3)F1(1) Affected: 6.0(2)A6(1a) Affected: 6.0(2)A6(2) Affected: 6.0(2)A8(4a) Affected: 6.0(2)U6(4) Affected: 9.3(3) Affected: 7.0(3)I7(8) Affected: 6.0(2)U6(10a) Affected: 9.3(4) Affected: 9.3(5) Affected: 7.0(3)I7(9) Affected: 9.3(6) Affected: 10.1(2) Affected: 10.1(1) Affected: 9.3(5w) Affected: 9.3(7) Affected: 9.3(7k) Affected: 7.0(3)I7(9w) Affected: 10.2(1) Affected: 9.3(7a) Affected: 9.3(8) Affected: 7.0(3)I7(10) Affected: 10.2(1q) Affected: 10.2(2) Affected: 9.3(9) Affected: 10.1(2t) Affected: 10.2(3) Affected: 10.2(3t) Affected: 9.3(10) Affected: 10.2(2a) Affected: 10.3(1) Affected: 10.2(4) Affected: 10.3(2) Affected: 9.3(11) Affected: 10.3(3) Affected: 10.2(5) Affected: 9.3(12) Affected: 10.2(3v) Affected: 10.4(1) Affected: 10.3(99w) Affected: 10.2(6) Affected: 10.3(3w) Affected: 10.3(99x) Affected: 10.3(3o) Affected: 10.3(4) Affected: 10.3(3p) Affected: 10.3(4a) Affected: 10.4(2) Affected: 10.3(3q) Affected: 9.3(13) Affected: 10.2(7) Affected: 10.3(3x) Affected: 10.3(4g) Affected: 10.3(3r) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(2v\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(2t\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(3y\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1t\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5c\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6z\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3z\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im7\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ic4\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3c\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8z\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(1z\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6t\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ia7\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ia7\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7b\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.1\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.1\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(5w\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(7k\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(9w\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(7a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(8\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(1q\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(9\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.1\\(2t\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(3t\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(10\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(11\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(5\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(12\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(3v\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.4\\(1\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(99w\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(6\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3w\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(99x\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3o\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(4\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3p\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.4\\(2\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3q\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:9.3\\(13\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.2\\(7\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3x\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(4g\\):*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:nx-os:10.3\\(3r\\):*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nx-os",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "9.2\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i5\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(7a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(5\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(6\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(3\\)"
},
{
"status": "affected",
"version": "9.2\\(2v\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(5b\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(7\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(1a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(8\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)im3\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(5a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(11\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(4a\\)"
},
{
"status": "affected",
"version": "9.2\\(1\\)"
},
{
"status": "affected",
"version": "9.2\\(2t\\)"
},
{
"status": "affected",
"version": "9.2\\(3y\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(1t\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(5c\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(4\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(6z\\)"
},
{
"status": "affected",
"version": "9.3\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f3\\(3\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(6\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(3z\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)im7\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(11b\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(5a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i6\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(10\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)im3\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(8\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i5\\(3b\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(2a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(7\\)"
},
{
"status": "affected",
"version": "9.2\\(4\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)im3\\(2a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(10\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)ic4\\(4\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(3\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(5b\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f3\\(3c\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f3\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(5\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f3\\(5\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(7\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(5\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)im3\\(2b\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(4a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i5\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(3\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(6\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i6\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(5\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(8\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)im3\\(3\\)"
},
{
"status": "affected",
"version": "9.3\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(7\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(6\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(3a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(11a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(8z\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(9\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(4\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(7\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(9\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(6\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(10a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i5\\(1\\)"
},
{
"status": "affected",
"version": "9.3\\(1z\\)"
},
{
"status": "affected",
"version": "9.2\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f3\\(4\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(8b\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(6t\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i5\\(3a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(8\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(5\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f3\\(3a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(4\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(3a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(5a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f2\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(8a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(9\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f3\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(2a\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i4\\(4\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(1\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f2\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)ia7\\(2\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)ia7\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(7b\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)f1\\(1\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(1a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a6\\(2\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)a8\\(4a\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(4\\)"
},
{
"status": "affected",
"version": "9.3\\(3\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(8\\)"
},
{
"status": "affected",
"version": "6.0\\(2\\)u6\\(10a\\)"
},
{
"status": "affected",
"version": "9.3\\(4\\)"
},
{
"status": "affected",
"version": "9.3\\(5\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(9\\)"
},
{
"status": "affected",
"version": "9.3\\(6\\)"
},
{
"status": "affected",
"version": "10.1\\(2\\)"
},
{
"status": "affected",
"version": "10.1\\(1\\)"
},
{
"status": "affected",
"version": "9.3\\(5w\\)"
},
{
"status": "affected",
"version": "9.3\\(7\\)"
},
{
"status": "affected",
"version": "9.3\\(7k\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(9w\\)"
},
{
"status": "affected",
"version": "10.2\\(1\\)"
},
{
"status": "affected",
"version": "9.3\\(7a\\)"
},
{
"status": "affected",
"version": "9.3\\(8\\)"
},
{
"status": "affected",
"version": "7.0\\(3\\)i7\\(10\\)"
},
{
"status": "affected",
"version": "10.2\\(1q\\)"
},
{
"status": "affected",
"version": "10.2\\(2\\)"
},
{
"status": "affected",
"version": "9.3\\(9\\)"
},
{
"status": "affected",
"version": "10.1\\(2t\\)"
},
{
"status": "affected",
"version": "10.2\\(3\\)"
},
{
"status": "affected",
"version": "10.2\\(3t\\)"
},
{
"status": "affected",
"version": "9.3\\(10\\)"
},
{
"status": "affected",
"version": "10.2\\(2a\\)"
},
{
"status": "affected",
"version": "10.3\\(1\\)"
},
{
"status": "affected",
"version": "10.2\\(4\\)"
},
{
"status": "affected",
"version": "10.3\\(2\\)"
},
{
"status": "affected",
"version": "9.3\\(11\\)"
},
{
"status": "affected",
"version": "10.3\\(3\\)"
},
{
"status": "affected",
"version": "10.2\\(5\\)"
},
{
"status": "affected",
"version": "9.3\\(12\\)"
},
{
"status": "affected",
"version": "10.2\\(3v\\)"
},
{
"status": "affected",
"version": "10.4\\(1\\)"
},
{
"status": "affected",
"version": "10.3\\(99w\\)"
},
{
"status": "affected",
"version": "10.2\\(6\\)"
},
{
"status": "affected",
"version": "10.3\\(3w\\)"
},
{
"status": "affected",
"version": "10.3\\(99x\\)"
},
{
"status": "affected",
"version": "10.3\\(3o\\)"
},
{
"status": "affected",
"version": "10.3\\(4\\)"
},
{
"status": "affected",
"version": "10.3\\(3p\\)"
},
{
"status": "affected",
"version": "10.3\\(4a\\)"
},
{
"status": "affected",
"version": "10.4\\(2\\)"
},
{
"status": "affected",
"version": "10.3\\(3q\\)"
},
{
"status": "affected",
"version": "9.3\\(13\\)"
},
{
"status": "affected",
"version": "10.2\\(7\\)"
},
{
"status": "affected",
"version": "10.3\\(3x\\)"
},
{
"status": "affected",
"version": "10.3\\(4g\\)"
},
{
"status": "affected",
"version": "10.3\\(3r\\)"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20411",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T03:56:02.446Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.2(3)"
},
{
"status": "affected",
"version": "7.0(3)I5(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(7a)"
},
{
"status": "affected",
"version": "7.0(3)I4(5)"
},
{
"status": "affected",
"version": "6.0(2)A6(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(6)"
},
{
"status": "affected",
"version": "7.0(3)I4(3)"
},
{
"status": "affected",
"version": "9.2(2v)"
},
{
"status": "affected",
"version": "6.0(2)A6(5b)"
},
{
"status": "affected",
"version": "7.0(3)I4(7)"
},
{
"status": "affected",
"version": "6.0(2)U6(1a)"
},
{
"status": "affected",
"version": "7.0(3)I4(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8)"
},
{
"status": "affected",
"version": "7.0(3)I4(2)"
},
{
"status": "affected",
"version": "7.0(3)IM3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5a)"
},
{
"status": "affected",
"version": "6.0(2)A8(11)"
},
{
"status": "affected",
"version": "6.0(2)A6(4a)"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.2(2t)"
},
{
"status": "affected",
"version": "9.2(3y)"
},
{
"status": "affected",
"version": "7.0(3)I4(1t)"
},
{
"status": "affected",
"version": "6.0(2)U6(5c)"
},
{
"status": "affected",
"version": "6.0(2)A6(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(6z)"
},
{
"status": "affected",
"version": "9.3(2)"
},
{
"status": "affected",
"version": "7.0(3)F3(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(6)"
},
{
"status": "affected",
"version": "7.0(3)I7(3z)"
},
{
"status": "affected",
"version": "7.0(3)IM7(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(11b)"
},
{
"status": "affected",
"version": "7.0(3)I7(5a)"
},
{
"status": "affected",
"version": "7.0(3)I6(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(10)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(8)"
},
{
"status": "affected",
"version": "6.0(2)U6(1)"
},
{
"status": "affected",
"version": "7.0(3)I5(3b)"
},
{
"status": "affected",
"version": "6.0(2)A6(2a)"
},
{
"status": "affected",
"version": "6.0(2)U6(7)"
},
{
"status": "affected",
"version": "9.2(4)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2a)"
},
{
"status": "affected",
"version": "6.0(2)A8(10)"
},
{
"status": "affected",
"version": "6.0(2)A8(2)"
},
{
"status": "affected",
"version": "7.0(3)IC4(4)"
},
{
"status": "affected",
"version": "6.0(2)A6(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(5b)"
},
{
"status": "affected",
"version": "7.0(3)F3(3c)"
},
{
"status": "affected",
"version": "7.0(3)F3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(5)"
},
{
"status": "affected",
"version": "6.0(2)A6(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(5)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2b)"
},
{
"status": "affected",
"version": "6.0(2)U6(4a)"
},
{
"status": "affected",
"version": "7.0(3)I5(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(3)"
},
{
"status": "affected",
"version": "6.0(2)A8(6)"
},
{
"status": "affected",
"version": "7.0(3)I6(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(5)"
},
{
"status": "affected",
"version": "6.0(2)U6(8)"
},
{
"status": "affected",
"version": "7.0(3)IM3(3)"
},
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(6)"
},
{
"status": "affected",
"version": "6.0(2)U6(3a)"
},
{
"status": "affected",
"version": "6.0(2)A8(11a)"
},
{
"status": "affected",
"version": "7.0(3)I4(8z)"
},
{
"status": "affected",
"version": "7.0(3)I4(9)"
},
{
"status": "affected",
"version": "7.0(3)I7(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(7)"
},
{
"status": "affected",
"version": "6.0(2)A8(9)"
},
{
"status": "affected",
"version": "6.0(2)A8(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(6)"
},
{
"status": "affected",
"version": "6.0(2)A8(10a)"
},
{
"status": "affected",
"version": "7.0(3)I5(1)"
},
{
"status": "affected",
"version": "9.3(1z)"
},
{
"status": "affected",
"version": "9.2(2)"
},
{
"status": "affected",
"version": "7.0(3)F3(4)"
},
{
"status": "affected",
"version": "7.0(3)I4(8b)"
},
{
"status": "affected",
"version": "6.0(2)A8(3)"
},
{
"status": "affected",
"version": "7.0(3)I4(6t)"
},
{
"status": "affected",
"version": "7.0(3)I5(3a)"
},
{
"status": "affected",
"version": "6.0(2)A8(8)"
},
{
"status": "affected",
"version": "7.0(3)I7(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(3a)"
},
{
"status": "affected",
"version": "6.0(2)A8(4)"
},
{
"status": "affected",
"version": "6.0(2)A6(3a)"
},
{
"status": "affected",
"version": "6.0(2)A6(5a)"
},
{
"status": "affected",
"version": "7.0(3)F2(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8a)"
},
{
"status": "affected",
"version": "6.0(2)U6(9)"
},
{
"status": "affected",
"version": "7.0(3)F3(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(2a)"
},
{
"status": "affected",
"version": "7.0(3)I4(4)"
},
{
"status": "affected",
"version": "6.0(2)U6(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(1)"
},
{
"status": "affected",
"version": "7.0(3)F2(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7b)"
},
{
"status": "affected",
"version": "7.0(3)F1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(1a)"
},
{
"status": "affected",
"version": "6.0(2)A6(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(4a)"
},
{
"status": "affected",
"version": "6.0(2)U6(4)"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(8)"
},
{
"status": "affected",
"version": "6.0(2)U6(10a)"
},
{
"status": "affected",
"version": "9.3(4)"
},
{
"status": "affected",
"version": "9.3(5)"
},
{
"status": "affected",
"version": "7.0(3)I7(9)"
},
{
"status": "affected",
"version": "9.3(6)"
},
{
"status": "affected",
"version": "10.1(2)"
},
{
"status": "affected",
"version": "10.1(1)"
},
{
"status": "affected",
"version": "9.3(5w)"
},
{
"status": "affected",
"version": "9.3(7)"
},
{
"status": "affected",
"version": "9.3(7k)"
},
{
"status": "affected",
"version": "7.0(3)I7(9w)"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "9.3(7a)"
},
{
"status": "affected",
"version": "9.3(8)"
},
{
"status": "affected",
"version": "7.0(3)I7(10)"
},
{
"status": "affected",
"version": "10.2(1q)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "9.3(9)"
},
{
"status": "affected",
"version": "10.1(2t)"
},
{
"status": "affected",
"version": "10.2(3)"
},
{
"status": "affected",
"version": "10.2(3t)"
},
{
"status": "affected",
"version": "9.3(10)"
},
{
"status": "affected",
"version": "10.2(2a)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.2(4)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "9.3(11)"
},
{
"status": "affected",
"version": "10.3(3)"
},
{
"status": "affected",
"version": "10.2(5)"
},
{
"status": "affected",
"version": "9.3(12)"
},
{
"status": "affected",
"version": "10.2(3v)"
},
{
"status": "affected",
"version": "10.4(1)"
},
{
"status": "affected",
"version": "10.3(99w)"
},
{
"status": "affected",
"version": "10.2(6)"
},
{
"status": "affected",
"version": "10.3(3w)"
},
{
"status": "affected",
"version": "10.3(99x)"
},
{
"status": "affected",
"version": "10.3(3o)"
},
{
"status": "affected",
"version": "10.3(4)"
},
{
"status": "affected",
"version": "10.3(3p)"
},
{
"status": "affected",
"version": "10.3(4a)"
},
{
"status": "affected",
"version": "10.4(2)"
},
{
"status": "affected",
"version": "10.3(3q)"
},
{
"status": "affected",
"version": "9.3(13)"
},
{
"status": "affected",
"version": "10.2(7)"
},
{
"status": "affected",
"version": "10.3(3x)"
},
{
"status": "affected",
"version": "10.3(4g)"
},
{
"status": "affected",
"version": "10.3(3r)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to\u0026nbsp;execute arbitrary code as root on an affected device.\r\n\r\nThis vulnerability is due to insufficient security restrictions when executing commands from the Bash shell. An attacker with privileges to access the Bash shell could exploit this vulnerability by executing a specific crafted command on the underlying operating system. A successful exploit could allow the attacker to execute arbitrary code with the privileges of root."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-267",
"description": "Privilege Defined With Unsafe Actions",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:27:38.420Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nxos-bshacepe-bApeHSx7",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-bshacepe-bApeHSx7"
}
],
"source": {
"advisory": "cisco-sa-nxos-bshacepe-bApeHSx7",
"defects": [
"CSCwh77791"
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Bash Arbitrary Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20411",
"datePublished": "2024-08-28T16:27:38.420Z",
"dateReserved": "2023-11-08T15:08:07.662Z",
"dateUpdated": "2024-08-30T03:56:02.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20284 (GCVE-0-2024-20284)
Vulnerability from cvelistv5 – Published: 2024-08-28 16:37 – Updated: 2024-08-28 17:19
VLAI?
EPSS
Title
Cisco NX-OS Software Python Parser Escape Vulnerability
Summary
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.
The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.
Severity ?
5.3 (Medium)
CWE
- CWE-693 - Protection Mechanism Failure
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Affected:
8.2(5)
Affected: 7.3(6)N1(1a) Affected: 7.3(5)D1(1) Affected: 8.4(2) Affected: 7.3(6)N1(1) Affected: 6.2(2) Affected: 8.4(3) Affected: 9.2(3) Affected: 7.0(3)I5(2) Affected: 8.2(1) Affected: 6.0(2)A8(7a) Affected: 7.0(3)I4(5) Affected: 6.0(2)A6(1) Affected: 7.3(1)D1(1) Affected: 6.2(14a) Affected: 7.0(3)I4(6) Affected: 7.3(4)N1(1) Affected: 7.0(3)I4(3) Affected: 9.2(2v) Affected: 6.0(2)A6(5b) Affected: 7.3(0)D1(1) Affected: 6.2(17a) Affected: 7.0(3)I4(7) Affected: 6.0(2)U6(1a) Affected: 7.1(5)N1(1b) Affected: 7.0(3)I4(1) Affected: 7.0(3)I4(8) Affected: 7.0(3)I4(2) Affected: 7.1(4)N1(1c) Affected: 7.0(3)IM3(1) Affected: 6.0(2)U6(5a) Affected: 6.0(2)A8(11) Affected: 6.0(2)A6(4a) Affected: 6.2(9) Affected: 6.2(5) Affected: 7.3(4)D1(1) Affected: 6.2(20) Affected: 9.2(1) Affected: 9.2(2t) Affected: 9.2(3y) Affected: 7.0(3)I4(1t) Affected: 6.0(2)U6(5c) Affected: 6.0(2)A6(4) Affected: 7.0(3)I7(6z) Affected: 9.3(2) Affected: 7.3(1)DY(1) Affected: 7.0(3)F3(3) Affected: 6.0(2)U6(6) Affected: 6.2(29) Affected: 7.0(3)I7(3z) Affected: 7.0(3)IM7(2) Affected: 6.0(2)A8(11b) Affected: 6.2(9a) Affected: 7.3(0)N1(1) Affected: 7.0(3)I7(5a) Affected: 6.2(11d) Affected: 8.1(1) Affected: 7.0(3)I6(1) Affected: 6.0(2)U6(10) Affected: 7.2(2)D1(2) Affected: 7.0(3)IM3(2) Affected: 6.0(2)A6(8) Affected: 8.2(2) Affected: 6.0(2)U6(1) Affected: 7.3(2)N1(1c) Affected: 7.0(3)I5(3b) Affected: 8.3(2) Affected: 7.3(5)N1(1) Affected: 6.0(2)A6(2a) Affected: 7.3(2)N1(1b) Affected: 6.2(27) Affected: 7.3(2)D1(3a) Affected: 7.3(1)N1(1) Affected: 6.0(2)U6(7) Affected: 9.2(4) Affected: 7.1(4)N1(1a) Affected: 7.1(3)N1(4) Affected: 7.0(3)IM3(2a) Affected: 6.2(8b) Affected: 6.0(2)A8(10) Affected: 7.1(3)N1(2) Affected: 6.2(13) Affected: 6.0(2)A8(2) Affected: 7.0(3)IC4(4) Affected: 6.2(1) Affected: 7.3(4)N1(1a) Affected: 8.1(2) Affected: 6.0(2)A6(3) Affected: 6.0(2)U6(5b) Affected: 7.0(3)F3(3c) Affected: 7.3(3)D1(1) Affected: 7.0(3)F3(1) Affected: 6.0(2)U6(5) Affected: 7.0(3)F3(5) Affected: 7.1(2)N1(1) Affected: 7.1(3)N1(3) Affected: 8.2(3) Affected: 6.0(2)A6(7) Affected: 7.0(3)I7(2) Affected: 6.2(5a) Affected: 6.2(18) Affected: 6.0(2)A6(5) Affected: 7.0(3)IM3(2b) Affected: 7.1(3)N1(1) Affected: 6.0(2)U6(4a) Affected: 7.0(3)I5(3) Affected: 7.0(3)I7(3) Affected: 6.0(2)A8(6) Affected: 7.0(3)I6(2) Affected: 8.3(1) Affected: 6.2(3) Affected: 6.2(22) Affected: 7.1(1)N1(1) Affected: 8.4(1) Affected: 8.1(1b) Affected: 7.3(0)N1(1b) Affected: 7.2(2)D1(4) Affected: 6.0(2)A8(5) Affected: 7.3(0)DX(1) Affected: 7.1(4)N1(1d) Affected: 7.3(2)D1(1) Affected: 7.3(2)N1(1) Affected: 6.0(2)U6(8) Affected: 7.1(1)N1(1a) Affected: 7.0(3)IM3(3) Affected: 9.3(1) Affected: 6.0(2)U6(2) Affected: 6.2(9b) Affected: 7.1(3)N1(2a) Affected: 7.3(0)N1(1a) Affected: 6.0(2)A8(7) Affected: 7.0(3)I7(6) Affected: 7.3(2)D1(2) Affected: 6.2(25) Affected: 6.0(2)U6(3a) Affected: 8.0(1) Affected: 6.0(2)A8(11a) Affected: 6.2(11e) Affected: 7.1(3)N1(5) Affected: 7.0(3)I4(8z) Affected: 6.2(11) Affected: 7.0(3)I4(9) Affected: 6.2(16) Affected: 6.2(19) Affected: 8.2(4) Affected: 6.2(2a) Affected: 7.2(2)D1(3) Affected: 7.1(0)N1(1b) Affected: 7.0(3)I7(4) Affected: 7.0(3)I7(7) Affected: 6.2(5b) Affected: 7.3(0)DY(1) Affected: 6.0(2)A8(9) Affected: 6.0(2)A8(1) Affected: 7.1(5)N1(1) Affected: 7.2(1)D1(1) Affected: 6.2(15) Affected: 6.0(2)A6(6) Affected: 6.0(2)A8(10a) Affected: 7.0(3)I5(1) Affected: 9.3(1z) Affected: 9.2(2) Affected: 6.2(7) Affected: 6.2(9c) Affected: 7.0(3)F3(4) Affected: 7.3(3)N1(1) Affected: 6.2(6b) Affected: 7.0(3)I4(8b) Affected: 8.1(2a) Affected: 7.3(2)D1(3) Affected: 6.2(8) Affected: 6.0(2)A8(3) Affected: 6.2(11b) Affected: 7.0(3)I4(6t) Affected: 7.0(3)I5(3a) Affected: 8.1(1a) Affected: 6.2(13a) Affected: 6.0(2)A8(8) Affected: 7.0(3)I7(5) Affected: 7.0(3)F3(3a) Affected: 7.1(0)N1(1a) Affected: 6.0(2)A8(4) Affected: 6.0(2)A6(3a) Affected: 6.0(2)A6(5a) Affected: 7.0(3)F2(1) Affected: 7.0(3)I4(8a) Affected: 6.0(2)U6(9) Affected: 7.0(3)F3(2) Affected: 6.0(2)U6(2a) Affected: 6.2(12) Affected: 6.2(17) Affected: 7.0(3)I4(4) Affected: 6.2(23) Affected: 6.2(13b) Affected: 6.0(2)U6(3) Affected: 6.2(10) Affected: 6.2(6a) Affected: 6.2(6) Affected: 7.1(2)N1(1a) Affected: 6.2(14) Affected: 7.0(3)I7(1) Affected: 6.2(14b) Affected: 6.2(21) Affected: 7.2(2)D1(1) Affected: 7.0(3)F2(2) Affected: 7.0(3)IA7(2) Affected: 7.0(3)IA7(1) Affected: 6.0(2)A8(7b) Affected: 6.2(8a) Affected: 6.2(11c) Affected: 7.0(3)F1(1) Affected: 6.0(2)A6(1a) Affected: 7.1(0)N1(1) Affected: 7.2(0)D1(1) Affected: 6.0(2)A6(2) Affected: 7.1(4)N1(1) Affected: 6.0(2)A8(4a) Affected: 6.2(20a) Affected: 6.0(2)U6(4) Affected: 8.4(1a) Affected: 9.3(3) Affected: 7.3(2)D1(1d) Affected: 7.3(7)N1(1) Affected: 6.2(24) Affected: 6.2(31) Affected: 7.0(3)I7(8) Affected: 6.0(2)U6(10a) Affected: 7.3(7)N1(1a) Affected: 9.3(4) Affected: 7.3(6)D1(1) Affected: 6.2(26) Affected: 8.2(6) Affected: 6.2(33) Affected: 9.3(5) Affected: 8.4(2a) Affected: 8.4(2b) Affected: 7.3(8)N1(1) Affected: 7.0(3)I7(9) Affected: 7.3(7)N1(1b) Affected: 6.2(24a) Affected: 8.5(1) Affected: 9.3(6) Affected: 10.1(2) Affected: 10.1(1) Affected: 8.4(4) Affected: 7.3(7)D1(1) Affected: 8.4(2c) Affected: 9.3(5w) Affected: 8.2(7) Affected: 7.3(9)N1(1) Affected: 9.3(7) Affected: 9.3(7k) Affected: 7.0(3)I7(9w) Affected: 10.2(1) Affected: 7.3(8)N1(1a) Affected: 7.3(8)D1(1) Affected: 9.3(7a) Affected: 8.2(7a) Affected: 9.3(8) Affected: 8.4(4a) Affected: 8.4(2d) Affected: 7.3(10)N1(1) Affected: 8.4(5) Affected: 7.0(3)I7(10) Affected: 7.3(8)N1(1b) Affected: 8.2(8) Affected: 10.2(1q) Affected: 10.2(2) Affected: 9.3(9) Affected: 10.1(2t) Affected: 7.3(9)D1(1) Affected: 7.3(11)N1(1) Affected: 10.2(3) Affected: 8.4(6) Affected: 10.2(3t) Affected: 8.4(2e) Affected: 9.3(10) Affected: 7.3(11)N1(1a) Affected: 10.2(2a) Affected: 7.3(12)N1(1) Affected: 9.2(1a) Affected: 8.2(9) Affected: 10.3(1) Affected: 10.2(4) Affected: 7.3(13)N1(1) Affected: 8.4(7) Affected: 10.3(2) Affected: 8.4(6a) Affected: 9.3(11) Affected: 10.3(3) Affected: 10.2(5) Affected: 9.4(1) Affected: 9.3(2a) Affected: 8.4(2f) Affected: 8.2(10) Affected: 9.3(12) Affected: 10.2(3v) Affected: 10.4(1) Affected: 8.4(8) Affected: 10.3(99w) Affected: 7.3(14)N1(1) Affected: 10.2(6) Affected: 10.3(3w) Affected: 10.3(99x) Affected: 10.3(3o) Affected: 8.4(9) Affected: 10.3(4) Affected: 10.3(3p) Affected: 10.3(4a) Affected: 9.4(1a) Affected: 10.4(2) Affected: 10.3(3q) Affected: 9.3(13) Affected: 8.2(11) Affected: 10.3(5) Affected: 10.2(7) Affected: 10.4(3) Affected: 10.3(3x) Affected: 10.3(4g) Affected: 10.3(3r) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20284",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T17:19:10.303470Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:19:17.361Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.2(5)"
},
{
"status": "affected",
"version": "7.3(6)N1(1a)"
},
{
"status": "affected",
"version": "7.3(5)D1(1)"
},
{
"status": "affected",
"version": "8.4(2)"
},
{
"status": "affected",
"version": "7.3(6)N1(1)"
},
{
"status": "affected",
"version": "6.2(2)"
},
{
"status": "affected",
"version": "8.4(3)"
},
{
"status": "affected",
"version": "9.2(3)"
},
{
"status": "affected",
"version": "7.0(3)I5(2)"
},
{
"status": "affected",
"version": "8.2(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7a)"
},
{
"status": "affected",
"version": "7.0(3)I4(5)"
},
{
"status": "affected",
"version": "6.0(2)A6(1)"
},
{
"status": "affected",
"version": "7.3(1)D1(1)"
},
{
"status": "affected",
"version": "6.2(14a)"
},
{
"status": "affected",
"version": "7.0(3)I4(6)"
},
{
"status": "affected",
"version": "7.3(4)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(3)"
},
{
"status": "affected",
"version": "9.2(2v)"
},
{
"status": "affected",
"version": "6.0(2)A6(5b)"
},
{
"status": "affected",
"version": "7.3(0)D1(1)"
},
{
"status": "affected",
"version": "6.2(17a)"
},
{
"status": "affected",
"version": "7.0(3)I4(7)"
},
{
"status": "affected",
"version": "6.0(2)U6(1a)"
},
{
"status": "affected",
"version": "7.1(5)N1(1b)"
},
{
"status": "affected",
"version": "7.0(3)I4(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8)"
},
{
"status": "affected",
"version": "7.0(3)I4(2)"
},
{
"status": "affected",
"version": "7.1(4)N1(1c)"
},
{
"status": "affected",
"version": "7.0(3)IM3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5a)"
},
{
"status": "affected",
"version": "6.0(2)A8(11)"
},
{
"status": "affected",
"version": "6.0(2)A6(4a)"
},
{
"status": "affected",
"version": "6.2(9)"
},
{
"status": "affected",
"version": "6.2(5)"
},
{
"status": "affected",
"version": "7.3(4)D1(1)"
},
{
"status": "affected",
"version": "6.2(20)"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.2(2t)"
},
{
"status": "affected",
"version": "9.2(3y)"
},
{
"status": "affected",
"version": "7.0(3)I4(1t)"
},
{
"status": "affected",
"version": "6.0(2)U6(5c)"
},
{
"status": "affected",
"version": "6.0(2)A6(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(6z)"
},
{
"status": "affected",
"version": "9.3(2)"
},
{
"status": "affected",
"version": "7.3(1)DY(1)"
},
{
"status": "affected",
"version": "7.0(3)F3(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(6)"
},
{
"status": "affected",
"version": "6.2(29)"
},
{
"status": "affected",
"version": "7.0(3)I7(3z)"
},
{
"status": "affected",
"version": "7.0(3)IM7(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(11b)"
},
{
"status": "affected",
"version": "6.2(9a)"
},
{
"status": "affected",
"version": "7.3(0)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I7(5a)"
},
{
"status": "affected",
"version": "6.2(11d)"
},
{
"status": "affected",
"version": "8.1(1)"
},
{
"status": "affected",
"version": "7.0(3)I6(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(10)"
},
{
"status": "affected",
"version": "7.2(2)D1(2)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(8)"
},
{
"status": "affected",
"version": "8.2(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(1)"
},
{
"status": "affected",
"version": "7.3(2)N1(1c)"
},
{
"status": "affected",
"version": "7.0(3)I5(3b)"
},
{
"status": "affected",
"version": "8.3(2)"
},
{
"status": "affected",
"version": "7.3(5)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(2a)"
},
{
"status": "affected",
"version": "7.3(2)N1(1b)"
},
{
"status": "affected",
"version": "6.2(27)"
},
{
"status": "affected",
"version": "7.3(2)D1(3a)"
},
{
"status": "affected",
"version": "7.3(1)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(7)"
},
{
"status": "affected",
"version": "9.2(4)"
},
{
"status": "affected",
"version": "7.1(4)N1(1a)"
},
{
"status": "affected",
"version": "7.1(3)N1(4)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2a)"
},
{
"status": "affected",
"version": "6.2(8b)"
},
{
"status": "affected",
"version": "6.0(2)A8(10)"
},
{
"status": "affected",
"version": "7.1(3)N1(2)"
},
{
"status": "affected",
"version": "6.2(13)"
},
{
"status": "affected",
"version": "6.0(2)A8(2)"
},
{
"status": "affected",
"version": "7.0(3)IC4(4)"
},
{
"status": "affected",
"version": "6.2(1)"
},
{
"status": "affected",
"version": "7.3(4)N1(1a)"
},
{
"status": "affected",
"version": "8.1(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(5b)"
},
{
"status": "affected",
"version": "7.0(3)F3(3c)"
},
{
"status": "affected",
"version": "7.3(3)D1(1)"
},
{
"status": "affected",
"version": "7.0(3)F3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(5)"
},
{
"status": "affected",
"version": "7.1(2)N1(1)"
},
{
"status": "affected",
"version": "7.1(3)N1(3)"
},
{
"status": "affected",
"version": "8.2(3)"
},
{
"status": "affected",
"version": "6.0(2)A6(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(2)"
},
{
"status": "affected",
"version": "6.2(5a)"
},
{
"status": "affected",
"version": "6.2(18)"
},
{
"status": "affected",
"version": "6.0(2)A6(5)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2b)"
},
{
"status": "affected",
"version": "7.1(3)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(4a)"
},
{
"status": "affected",
"version": "7.0(3)I5(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(3)"
},
{
"status": "affected",
"version": "6.0(2)A8(6)"
},
{
"status": "affected",
"version": "7.0(3)I6(2)"
},
{
"status": "affected",
"version": "8.3(1)"
},
{
"status": "affected",
"version": "6.2(3)"
},
{
"status": "affected",
"version": "6.2(22)"
},
{
"status": "affected",
"version": "7.1(1)N1(1)"
},
{
"status": "affected",
"version": "8.4(1)"
},
{
"status": "affected",
"version": "8.1(1b)"
},
{
"status": "affected",
"version": "7.3(0)N1(1b)"
},
{
"status": "affected",
"version": "7.2(2)D1(4)"
},
{
"status": "affected",
"version": "6.0(2)A8(5)"
},
{
"status": "affected",
"version": "7.3(0)DX(1)"
},
{
"status": "affected",
"version": "7.1(4)N1(1d)"
},
{
"status": "affected",
"version": "7.3(2)D1(1)"
},
{
"status": "affected",
"version": "7.3(2)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(8)"
},
{
"status": "affected",
"version": "7.1(1)N1(1a)"
},
{
"status": "affected",
"version": "7.0(3)IM3(3)"
},
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(2)"
},
{
"status": "affected",
"version": "6.2(9b)"
},
{
"status": "affected",
"version": "7.1(3)N1(2a)"
},
{
"status": "affected",
"version": "7.3(0)N1(1a)"
},
{
"status": "affected",
"version": "6.0(2)A8(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(6)"
},
{
"status": "affected",
"version": "7.3(2)D1(2)"
},
{
"status": "affected",
"version": "6.2(25)"
},
{
"status": "affected",
"version": "6.0(2)U6(3a)"
},
{
"status": "affected",
"version": "8.0(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(11a)"
},
{
"status": "affected",
"version": "6.2(11e)"
},
{
"status": "affected",
"version": "7.1(3)N1(5)"
},
{
"status": "affected",
"version": "7.0(3)I4(8z)"
},
{
"status": "affected",
"version": "6.2(11)"
},
{
"status": "affected",
"version": "7.0(3)I4(9)"
},
{
"status": "affected",
"version": "6.2(16)"
},
{
"status": "affected",
"version": "6.2(19)"
},
{
"status": "affected",
"version": "8.2(4)"
},
{
"status": "affected",
"version": "6.2(2a)"
},
{
"status": "affected",
"version": "7.2(2)D1(3)"
},
{
"status": "affected",
"version": "7.1(0)N1(1b)"
},
{
"status": "affected",
"version": "7.0(3)I7(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(7)"
},
{
"status": "affected",
"version": "6.2(5b)"
},
{
"status": "affected",
"version": "7.3(0)DY(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(9)"
},
{
"status": "affected",
"version": "6.0(2)A8(1)"
},
{
"status": "affected",
"version": "7.1(5)N1(1)"
},
{
"status": "affected",
"version": "7.2(1)D1(1)"
},
{
"status": "affected",
"version": "6.2(15)"
},
{
"status": "affected",
"version": "6.0(2)A6(6)"
},
{
"status": "affected",
"version": "6.0(2)A8(10a)"
},
{
"status": "affected",
"version": "7.0(3)I5(1)"
},
{
"status": "affected",
"version": "9.3(1z)"
},
{
"status": "affected",
"version": "9.2(2)"
},
{
"status": "affected",
"version": "6.2(7)"
},
{
"status": "affected",
"version": "6.2(9c)"
},
{
"status": "affected",
"version": "7.0(3)F3(4)"
},
{
"status": "affected",
"version": "7.3(3)N1(1)"
},
{
"status": "affected",
"version": "6.2(6b)"
},
{
"status": "affected",
"version": "7.0(3)I4(8b)"
},
{
"status": "affected",
"version": "8.1(2a)"
},
{
"status": "affected",
"version": "7.3(2)D1(3)"
},
{
"status": "affected",
"version": "6.2(8)"
},
{
"status": "affected",
"version": "6.0(2)A8(3)"
},
{
"status": "affected",
"version": "6.2(11b)"
},
{
"status": "affected",
"version": "7.0(3)I4(6t)"
},
{
"status": "affected",
"version": "7.0(3)I5(3a)"
},
{
"status": "affected",
"version": "8.1(1a)"
},
{
"status": "affected",
"version": "6.2(13a)"
},
{
"status": "affected",
"version": "6.0(2)A8(8)"
},
{
"status": "affected",
"version": "7.0(3)I7(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(3a)"
},
{
"status": "affected",
"version": "7.1(0)N1(1a)"
},
{
"status": "affected",
"version": "6.0(2)A8(4)"
},
{
"status": "affected",
"version": "6.0(2)A6(3a)"
},
{
"status": "affected",
"version": "6.0(2)A6(5a)"
},
{
"status": "affected",
"version": "7.0(3)F2(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8a)"
},
{
"status": "affected",
"version": "6.0(2)U6(9)"
},
{
"status": "affected",
"version": "7.0(3)F3(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(2a)"
},
{
"status": "affected",
"version": "6.2(12)"
},
{
"status": "affected",
"version": "6.2(17)"
},
{
"status": "affected",
"version": "7.0(3)I4(4)"
},
{
"status": "affected",
"version": "6.2(23)"
},
{
"status": "affected",
"version": "6.2(13b)"
},
{
"status": "affected",
"version": "6.0(2)U6(3)"
},
{
"status": "affected",
"version": "6.2(10)"
},
{
"status": "affected",
"version": "6.2(6a)"
},
{
"status": "affected",
"version": "6.2(6)"
},
{
"status": "affected",
"version": "7.1(2)N1(1a)"
},
{
"status": "affected",
"version": "6.2(14)"
},
{
"status": "affected",
"version": "7.0(3)I7(1)"
},
{
"status": "affected",
"version": "6.2(14b)"
},
{
"status": "affected",
"version": "6.2(21)"
},
{
"status": "affected",
"version": "7.2(2)D1(1)"
},
{
"status": "affected",
"version": "7.0(3)F2(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7b)"
},
{
"status": "affected",
"version": "6.2(8a)"
},
{
"status": "affected",
"version": "6.2(11c)"
},
{
"status": "affected",
"version": "7.0(3)F1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(1a)"
},
{
"status": "affected",
"version": "7.1(0)N1(1)"
},
{
"status": "affected",
"version": "7.2(0)D1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(2)"
},
{
"status": "affected",
"version": "7.1(4)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(4a)"
},
{
"status": "affected",
"version": "6.2(20a)"
},
{
"status": "affected",
"version": "6.0(2)U6(4)"
},
{
"status": "affected",
"version": "8.4(1a)"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "7.3(2)D1(1d)"
},
{
"status": "affected",
"version": "7.3(7)N1(1)"
},
{
"status": "affected",
"version": "6.2(24)"
},
{
"status": "affected",
"version": "6.2(31)"
},
{
"status": "affected",
"version": "7.0(3)I7(8)"
},
{
"status": "affected",
"version": "6.0(2)U6(10a)"
},
{
"status": "affected",
"version": "7.3(7)N1(1a)"
},
{
"status": "affected",
"version": "9.3(4)"
},
{
"status": "affected",
"version": "7.3(6)D1(1)"
},
{
"status": "affected",
"version": "6.2(26)"
},
{
"status": "affected",
"version": "8.2(6)"
},
{
"status": "affected",
"version": "6.2(33)"
},
{
"status": "affected",
"version": "9.3(5)"
},
{
"status": "affected",
"version": "8.4(2a)"
},
{
"status": "affected",
"version": "8.4(2b)"
},
{
"status": "affected",
"version": "7.3(8)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I7(9)"
},
{
"status": "affected",
"version": "7.3(7)N1(1b)"
},
{
"status": "affected",
"version": "6.2(24a)"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "9.3(6)"
},
{
"status": "affected",
"version": "10.1(2)"
},
{
"status": "affected",
"version": "10.1(1)"
},
{
"status": "affected",
"version": "8.4(4)"
},
{
"status": "affected",
"version": "7.3(7)D1(1)"
},
{
"status": "affected",
"version": "8.4(2c)"
},
{
"status": "affected",
"version": "9.3(5w)"
},
{
"status": "affected",
"version": "8.2(7)"
},
{
"status": "affected",
"version": "7.3(9)N1(1)"
},
{
"status": "affected",
"version": "9.3(7)"
},
{
"status": "affected",
"version": "9.3(7k)"
},
{
"status": "affected",
"version": "7.0(3)I7(9w)"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "7.3(8)N1(1a)"
},
{
"status": "affected",
"version": "7.3(8)D1(1)"
},
{
"status": "affected",
"version": "9.3(7a)"
},
{
"status": "affected",
"version": "8.2(7a)"
},
{
"status": "affected",
"version": "9.3(8)"
},
{
"status": "affected",
"version": "8.4(4a)"
},
{
"status": "affected",
"version": "8.4(2d)"
},
{
"status": "affected",
"version": "7.3(10)N1(1)"
},
{
"status": "affected",
"version": "8.4(5)"
},
{
"status": "affected",
"version": "7.0(3)I7(10)"
},
{
"status": "affected",
"version": "7.3(8)N1(1b)"
},
{
"status": "affected",
"version": "8.2(8)"
},
{
"status": "affected",
"version": "10.2(1q)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "9.3(9)"
},
{
"status": "affected",
"version": "10.1(2t)"
},
{
"status": "affected",
"version": "7.3(9)D1(1)"
},
{
"status": "affected",
"version": "7.3(11)N1(1)"
},
{
"status": "affected",
"version": "10.2(3)"
},
{
"status": "affected",
"version": "8.4(6)"
},
{
"status": "affected",
"version": "10.2(3t)"
},
{
"status": "affected",
"version": "8.4(2e)"
},
{
"status": "affected",
"version": "9.3(10)"
},
{
"status": "affected",
"version": "7.3(11)N1(1a)"
},
{
"status": "affected",
"version": "10.2(2a)"
},
{
"status": "affected",
"version": "7.3(12)N1(1)"
},
{
"status": "affected",
"version": "9.2(1a)"
},
{
"status": "affected",
"version": "8.2(9)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.2(4)"
},
{
"status": "affected",
"version": "7.3(13)N1(1)"
},
{
"status": "affected",
"version": "8.4(7)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "8.4(6a)"
},
{
"status": "affected",
"version": "9.3(11)"
},
{
"status": "affected",
"version": "10.3(3)"
},
{
"status": "affected",
"version": "10.2(5)"
},
{
"status": "affected",
"version": "9.4(1)"
},
{
"status": "affected",
"version": "9.3(2a)"
},
{
"status": "affected",
"version": "8.4(2f)"
},
{
"status": "affected",
"version": "8.2(10)"
},
{
"status": "affected",
"version": "9.3(12)"
},
{
"status": "affected",
"version": "10.2(3v)"
},
{
"status": "affected",
"version": "10.4(1)"
},
{
"status": "affected",
"version": "8.4(8)"
},
{
"status": "affected",
"version": "10.3(99w)"
},
{
"status": "affected",
"version": "7.3(14)N1(1)"
},
{
"status": "affected",
"version": "10.2(6)"
},
{
"status": "affected",
"version": "10.3(3w)"
},
{
"status": "affected",
"version": "10.3(99x)"
},
{
"status": "affected",
"version": "10.3(3o)"
},
{
"status": "affected",
"version": "8.4(9)"
},
{
"status": "affected",
"version": "10.3(4)"
},
{
"status": "affected",
"version": "10.3(3p)"
},
{
"status": "affected",
"version": "10.3(4a)"
},
{
"status": "affected",
"version": "9.4(1a)"
},
{
"status": "affected",
"version": "10.4(2)"
},
{
"status": "affected",
"version": "10.3(3q)"
},
{
"status": "affected",
"version": "9.3(13)"
},
{
"status": "affected",
"version": "8.2(11)"
},
{
"status": "affected",
"version": "10.3(5)"
},
{
"status": "affected",
"version": "10.2(7)"
},
{
"status": "affected",
"version": "10.4(3)"
},
{
"status": "affected",
"version": "10.3(3x)"
},
{
"status": "affected",
"version": "10.3(4g)"
},
{
"status": "affected",
"version": "10.3(3r)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.\u0026nbsp;\r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "Protection Mechanism Failure",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:37:35.281Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nxos-psbe-ce-YvbTn5du",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du"
},
{
"name": "Cisco NX-OS Security with Python",
"url": "https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410"
}
],
"source": {
"advisory": "cisco-sa-nxos-psbe-ce-YvbTn5du",
"defects": [
"CSCwh77779"
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Python Parser Escape Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20284",
"datePublished": "2024-08-28T16:37:35.281Z",
"dateReserved": "2023-11-08T15:08:07.626Z",
"dateUpdated": "2024-08-28T17:19:17.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20285 (GCVE-0-2024-20285)
Vulnerability from cvelistv5 – Published: 2024-08-28 16:37 – Updated: 2024-08-28 17:19
VLAI?
EPSS
Title
Cisco NX-OS Software Python Parser Escape Vulnerability
Summary
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.
The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.
Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.
Severity ?
5.3 (Medium)
CWE
- CWE-653 - Insufficient Compartmentalization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Affected:
7.3(6)N1(1a)
Affected: 8.4(2) Affected: 7.3(6)N1(1) Affected: 9.2(3) Affected: 7.0(3)I5(2) Affected: 8.2(1) Affected: 6.0(2)A8(7a) Affected: 7.0(3)I4(5) Affected: 6.0(2)A6(1) Affected: 7.3(1)D1(1) Affected: 7.0(3)I4(6) Affected: 7.3(4)N1(1) Affected: 7.0(3)I4(3) Affected: 9.2(2v) Affected: 6.0(2)A6(5b) Affected: 7.3(0)D1(1) Affected: 6.2(17a) Affected: 7.0(3)I4(7) Affected: 6.0(2)U6(1a) Affected: 7.1(5)N1(1b) Affected: 7.0(3)I4(1) Affected: 7.0(3)I4(8) Affected: 7.0(3)I4(2) Affected: 7.1(4)N1(1c) Affected: 7.0(3)IM3(1) Affected: 6.0(2)U6(5a) Affected: 6.0(2)A8(11) Affected: 6.0(2)A6(4a) Affected: 6.2(9) Affected: 6.2(5) Affected: 9.2(1) Affected: 9.2(2t) Affected: 9.2(3y) Affected: 7.0(3)I4(1t) Affected: 6.0(2)U6(5c) Affected: 6.0(2)A6(4) Affected: 7.0(3)I7(6z) Affected: 9.3(2) Affected: 7.3(1)DY(1) Affected: 7.0(3)F3(3) Affected: 6.0(2)U6(6) Affected: 6.2(29) Affected: 7.0(3)I7(3z) Affected: 7.0(3)IM7(2) Affected: 6.0(2)A8(11b) Affected: 6.2(9a) Affected: 7.3(0)N1(1) Affected: 7.0(3)I7(5a) Affected: 6.2(11d) Affected: 7.0(3)I6(1) Affected: 6.0(2)U6(10) Affected: 7.0(3)IM3(2) Affected: 6.0(2)A6(8) Affected: 6.0(2)U6(1) Affected: 7.3(2)N1(1c) Affected: 7.0(3)I5(3b) Affected: 7.3(5)N1(1) Affected: 6.0(2)A6(2a) Affected: 7.3(2)N1(1b) Affected: 6.2(27) Affected: 7.3(1)N1(1) Affected: 6.0(2)U6(7) Affected: 9.2(4) Affected: 7.1(4)N1(1a) Affected: 8.1(1) Affected: 7.1(3)N1(4) Affected: 7.0(3)IM3(2a) Affected: 6.0(2)A8(10) Affected: 7.1(3)N1(2) Affected: 8.2(2) Affected: 6.2(13) Affected: 6.0(2)A8(2) Affected: 7.0(3)IC4(4) Affected: 6.2(1) Affected: 8.3(2) Affected: 7.3(4)N1(1a) Affected: 6.0(2)A6(3) Affected: 6.0(2)U6(5b) Affected: 7.0(3)F3(3c) Affected: 7.0(3)F3(1) Affected: 6.0(2)U6(5) Affected: 7.0(3)F3(5) Affected: 7.1(2)N1(1) Affected: 7.1(3)N1(3) Affected: 6.0(2)A6(7) Affected: 7.0(3)I7(2) Affected: 6.2(5a) Affected: 6.0(2)A6(5) Affected: 7.0(3)IM3(2b) Affected: 7.1(3)N1(1) Affected: 6.0(2)U6(4a) Affected: 7.0(3)I5(3) Affected: 7.0(3)I7(3) Affected: 6.0(2)A8(6) Affected: 7.0(3)I6(2) Affected: 8.3(1) Affected: 6.2(3) Affected: 7.1(1)N1(1) Affected: 8.1(1b) Affected: 7.3(0)N1(1b) Affected: 6.0(2)A8(5) Affected: 7.1(4)N1(1d) Affected: 7.3(2)N1(1) Affected: 6.0(2)U6(8) Affected: 7.1(1)N1(1a) Affected: 7.0(3)IM3(3) Affected: 9.3(1) Affected: 6.0(2)U6(2) Affected: 6.2(9b) Affected: 7.1(3)N1(2a) Affected: 7.3(0)N1(1a) Affected: 6.0(2)A8(7) Affected: 7.0(3)I7(6) Affected: 8.4(1) Affected: 6.2(25) Affected: 6.0(2)U6(3a) Affected: 6.0(2)A8(11a) Affected: 6.2(11e) Affected: 7.1(3)N1(5) Affected: 7.0(3)I4(8z) Affected: 6.2(11) Affected: 7.0(3)I4(9) Affected: 6.2(19) Affected: 7.1(0)N1(1b) Affected: 7.0(3)I7(4) Affected: 7.0(3)I7(7) Affected: 6.2(5b) Affected: 7.3(0)DY(1) Affected: 6.0(2)A8(9) Affected: 6.0(2)A8(1) Affected: 7.1(5)N1(1) Affected: 6.2(15) Affected: 6.0(2)A6(6) Affected: 6.0(2)A8(10a) Affected: 7.0(3)I5(1) Affected: 9.3(1z) Affected: 9.2(2) Affected: 6.2(7) Affected: 6.2(9c) Affected: 7.0(3)F3(4) Affected: 7.3(3)N1(1) Affected: 7.0(3)I4(8b) Affected: 6.0(2)A8(3) Affected: 6.2(11b) Affected: 7.0(3)I4(6t) Affected: 7.0(3)I5(3a) Affected: 8.1(1a) Affected: 6.2(13a) Affected: 6.0(2)A8(8) Affected: 7.0(3)I7(5) Affected: 7.0(3)F3(3a) Affected: 7.1(0)N1(1a) Affected: 6.0(2)A8(4) Affected: 6.0(2)A6(3a) Affected: 6.0(2)A6(5a) Affected: 7.0(3)F2(1) Affected: 7.0(3)I4(8a) Affected: 6.0(2)U6(9) Affected: 7.0(3)F3(2) Affected: 6.0(2)U6(2a) Affected: 6.2(17) Affected: 7.0(3)I4(4) Affected: 6.2(23) Affected: 6.2(13b) Affected: 6.0(2)U6(3) Affected: 7.1(2)N1(1a) Affected: 7.0(3)I7(1) Affected: 6.2(21) Affected: 7.0(3)F2(2) Affected: 7.0(3)IA7(2) Affected: 7.0(3)IA7(1) Affected: 6.0(2)A8(7b) Affected: 6.2(11c) Affected: 7.0(3)F1(1) Affected: 6.0(2)A6(1a) Affected: 7.1(0)N1(1) Affected: 6.0(2)A6(2) Affected: 7.1(4)N1(1) Affected: 6.0(2)A8(4a) Affected: 6.0(2)U6(4) Affected: 8.4(1a) Affected: 9.3(3) Affected: 7.3(7)N1(1) Affected: 6.2(31) Affected: 7.0(3)I7(8) Affected: 6.0(2)U6(10a) Affected: 7.3(7)N1(1a) Affected: 9.3(4) Affected: 6.2(33) Affected: 9.3(5) Affected: 8.4(2a) Affected: 8.4(2b) Affected: 7.3(8)N1(1) Affected: 7.0(3)I7(9) Affected: 7.3(7)N1(1b) Affected: 8.5(1) Affected: 9.3(6) Affected: 10.1(2) Affected: 10.1(1) Affected: 8.4(2c) Affected: 9.3(5w) Affected: 7.3(9)N1(1) Affected: 9.3(7) Affected: 9.3(7k) Affected: 7.0(3)I7(9w) Affected: 10.2(1) Affected: 7.3(8)N1(1a) Affected: 9.3(7a) Affected: 9.3(8) Affected: 8.4(2d) Affected: 7.3(10)N1(1) Affected: 7.0(3)I7(10) Affected: 7.3(8)N1(1b) Affected: 10.2(1q) Affected: 10.2(2) Affected: 9.3(9) Affected: 10.1(2t) Affected: 7.3(11)N1(1) Affected: 10.2(3) Affected: 10.2(3t) Affected: 8.4(2e) Affected: 9.3(10) Affected: 7.3(11)N1(1a) Affected: 10.2(2a) Affected: 7.3(12)N1(1) Affected: 9.2(1a) Affected: 10.3(1) Affected: 10.2(4) Affected: 7.3(13)N1(1) Affected: 10.3(2) Affected: 9.3(11) Affected: 10.3(3) Affected: 10.2(5) Affected: 9.4(1) Affected: 9.3(2a) Affected: 8.4(2f) Affected: 9.3(12) Affected: 10.2(3v) Affected: 10.4(1) Affected: 10.3(99w) Affected: 7.3(14)N1(1) Affected: 10.2(6) Affected: 10.3(3w) Affected: 10.3(99x) Affected: 10.3(3o) Affected: 10.3(4) Affected: 10.3(3p) Affected: 10.3(4a) Affected: 9.4(1a) Affected: 10.4(2) Affected: 10.3(3q) Affected: 9.3(13) Affected: 10.3(5) Affected: 10.2(7) Affected: 10.4(3) Affected: 10.3(3x) Affected: 10.3(4g) Affected: 10.3(3r) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20285",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T17:19:39.299396Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:19:57.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.3(6)N1(1a)"
},
{
"status": "affected",
"version": "8.4(2)"
},
{
"status": "affected",
"version": "7.3(6)N1(1)"
},
{
"status": "affected",
"version": "9.2(3)"
},
{
"status": "affected",
"version": "7.0(3)I5(2)"
},
{
"status": "affected",
"version": "8.2(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7a)"
},
{
"status": "affected",
"version": "7.0(3)I4(5)"
},
{
"status": "affected",
"version": "6.0(2)A6(1)"
},
{
"status": "affected",
"version": "7.3(1)D1(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(6)"
},
{
"status": "affected",
"version": "7.3(4)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(3)"
},
{
"status": "affected",
"version": "9.2(2v)"
},
{
"status": "affected",
"version": "6.0(2)A6(5b)"
},
{
"status": "affected",
"version": "7.3(0)D1(1)"
},
{
"status": "affected",
"version": "6.2(17a)"
},
{
"status": "affected",
"version": "7.0(3)I4(7)"
},
{
"status": "affected",
"version": "6.0(2)U6(1a)"
},
{
"status": "affected",
"version": "7.1(5)N1(1b)"
},
{
"status": "affected",
"version": "7.0(3)I4(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8)"
},
{
"status": "affected",
"version": "7.0(3)I4(2)"
},
{
"status": "affected",
"version": "7.1(4)N1(1c)"
},
{
"status": "affected",
"version": "7.0(3)IM3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5a)"
},
{
"status": "affected",
"version": "6.0(2)A8(11)"
},
{
"status": "affected",
"version": "6.0(2)A6(4a)"
},
{
"status": "affected",
"version": "6.2(9)"
},
{
"status": "affected",
"version": "6.2(5)"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.2(2t)"
},
{
"status": "affected",
"version": "9.2(3y)"
},
{
"status": "affected",
"version": "7.0(3)I4(1t)"
},
{
"status": "affected",
"version": "6.0(2)U6(5c)"
},
{
"status": "affected",
"version": "6.0(2)A6(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(6z)"
},
{
"status": "affected",
"version": "9.3(2)"
},
{
"status": "affected",
"version": "7.3(1)DY(1)"
},
{
"status": "affected",
"version": "7.0(3)F3(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(6)"
},
{
"status": "affected",
"version": "6.2(29)"
},
{
"status": "affected",
"version": "7.0(3)I7(3z)"
},
{
"status": "affected",
"version": "7.0(3)IM7(2)"
},
{
"status": "affected",
"version": "6.0(2)A8(11b)"
},
{
"status": "affected",
"version": "6.2(9a)"
},
{
"status": "affected",
"version": "7.3(0)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I7(5a)"
},
{
"status": "affected",
"version": "6.2(11d)"
},
{
"status": "affected",
"version": "7.0(3)I6(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(10)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2)"
},
{
"status": "affected",
"version": "6.0(2)A6(8)"
},
{
"status": "affected",
"version": "6.0(2)U6(1)"
},
{
"status": "affected",
"version": "7.3(2)N1(1c)"
},
{
"status": "affected",
"version": "7.0(3)I5(3b)"
},
{
"status": "affected",
"version": "7.3(5)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(2a)"
},
{
"status": "affected",
"version": "7.3(2)N1(1b)"
},
{
"status": "affected",
"version": "6.2(27)"
},
{
"status": "affected",
"version": "7.3(1)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(7)"
},
{
"status": "affected",
"version": "9.2(4)"
},
{
"status": "affected",
"version": "7.1(4)N1(1a)"
},
{
"status": "affected",
"version": "8.1(1)"
},
{
"status": "affected",
"version": "7.1(3)N1(4)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2a)"
},
{
"status": "affected",
"version": "6.0(2)A8(10)"
},
{
"status": "affected",
"version": "7.1(3)N1(2)"
},
{
"status": "affected",
"version": "8.2(2)"
},
{
"status": "affected",
"version": "6.2(13)"
},
{
"status": "affected",
"version": "6.0(2)A8(2)"
},
{
"status": "affected",
"version": "7.0(3)IC4(4)"
},
{
"status": "affected",
"version": "6.2(1)"
},
{
"status": "affected",
"version": "8.3(2)"
},
{
"status": "affected",
"version": "7.3(4)N1(1a)"
},
{
"status": "affected",
"version": "6.0(2)A6(3)"
},
{
"status": "affected",
"version": "6.0(2)U6(5b)"
},
{
"status": "affected",
"version": "7.0(3)F3(3c)"
},
{
"status": "affected",
"version": "7.0(3)F3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(5)"
},
{
"status": "affected",
"version": "7.1(2)N1(1)"
},
{
"status": "affected",
"version": "7.1(3)N1(3)"
},
{
"status": "affected",
"version": "6.0(2)A6(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(2)"
},
{
"status": "affected",
"version": "6.2(5a)"
},
{
"status": "affected",
"version": "6.0(2)A6(5)"
},
{
"status": "affected",
"version": "7.0(3)IM3(2b)"
},
{
"status": "affected",
"version": "7.1(3)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(4a)"
},
{
"status": "affected",
"version": "7.0(3)I5(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(3)"
},
{
"status": "affected",
"version": "6.0(2)A8(6)"
},
{
"status": "affected",
"version": "7.0(3)I6(2)"
},
{
"status": "affected",
"version": "8.3(1)"
},
{
"status": "affected",
"version": "6.2(3)"
},
{
"status": "affected",
"version": "7.1(1)N1(1)"
},
{
"status": "affected",
"version": "8.1(1b)"
},
{
"status": "affected",
"version": "7.3(0)N1(1b)"
},
{
"status": "affected",
"version": "6.0(2)A8(5)"
},
{
"status": "affected",
"version": "7.1(4)N1(1d)"
},
{
"status": "affected",
"version": "7.3(2)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(8)"
},
{
"status": "affected",
"version": "7.1(1)N1(1a)"
},
{
"status": "affected",
"version": "7.0(3)IM3(3)"
},
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "6.0(2)U6(2)"
},
{
"status": "affected",
"version": "6.2(9b)"
},
{
"status": "affected",
"version": "7.1(3)N1(2a)"
},
{
"status": "affected",
"version": "7.3(0)N1(1a)"
},
{
"status": "affected",
"version": "6.0(2)A8(7)"
},
{
"status": "affected",
"version": "7.0(3)I7(6)"
},
{
"status": "affected",
"version": "8.4(1)"
},
{
"status": "affected",
"version": "6.2(25)"
},
{
"status": "affected",
"version": "6.0(2)U6(3a)"
},
{
"status": "affected",
"version": "6.0(2)A8(11a)"
},
{
"status": "affected",
"version": "6.2(11e)"
},
{
"status": "affected",
"version": "7.1(3)N1(5)"
},
{
"status": "affected",
"version": "7.0(3)I4(8z)"
},
{
"status": "affected",
"version": "6.2(11)"
},
{
"status": "affected",
"version": "7.0(3)I4(9)"
},
{
"status": "affected",
"version": "6.2(19)"
},
{
"status": "affected",
"version": "7.1(0)N1(1b)"
},
{
"status": "affected",
"version": "7.0(3)I7(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(7)"
},
{
"status": "affected",
"version": "6.2(5b)"
},
{
"status": "affected",
"version": "7.3(0)DY(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(9)"
},
{
"status": "affected",
"version": "6.0(2)A8(1)"
},
{
"status": "affected",
"version": "7.1(5)N1(1)"
},
{
"status": "affected",
"version": "6.2(15)"
},
{
"status": "affected",
"version": "6.0(2)A6(6)"
},
{
"status": "affected",
"version": "6.0(2)A8(10a)"
},
{
"status": "affected",
"version": "7.0(3)I5(1)"
},
{
"status": "affected",
"version": "9.3(1z)"
},
{
"status": "affected",
"version": "9.2(2)"
},
{
"status": "affected",
"version": "6.2(7)"
},
{
"status": "affected",
"version": "6.2(9c)"
},
{
"status": "affected",
"version": "7.0(3)F3(4)"
},
{
"status": "affected",
"version": "7.3(3)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8b)"
},
{
"status": "affected",
"version": "6.0(2)A8(3)"
},
{
"status": "affected",
"version": "6.2(11b)"
},
{
"status": "affected",
"version": "7.0(3)I4(6t)"
},
{
"status": "affected",
"version": "7.0(3)I5(3a)"
},
{
"status": "affected",
"version": "8.1(1a)"
},
{
"status": "affected",
"version": "6.2(13a)"
},
{
"status": "affected",
"version": "6.0(2)A8(8)"
},
{
"status": "affected",
"version": "7.0(3)I7(5)"
},
{
"status": "affected",
"version": "7.0(3)F3(3a)"
},
{
"status": "affected",
"version": "7.1(0)N1(1a)"
},
{
"status": "affected",
"version": "6.0(2)A8(4)"
},
{
"status": "affected",
"version": "6.0(2)A6(3a)"
},
{
"status": "affected",
"version": "6.0(2)A6(5a)"
},
{
"status": "affected",
"version": "7.0(3)F2(1)"
},
{
"status": "affected",
"version": "7.0(3)I4(8a)"
},
{
"status": "affected",
"version": "6.0(2)U6(9)"
},
{
"status": "affected",
"version": "7.0(3)F3(2)"
},
{
"status": "affected",
"version": "6.0(2)U6(2a)"
},
{
"status": "affected",
"version": "6.2(17)"
},
{
"status": "affected",
"version": "7.0(3)I4(4)"
},
{
"status": "affected",
"version": "6.2(23)"
},
{
"status": "affected",
"version": "6.2(13b)"
},
{
"status": "affected",
"version": "6.0(2)U6(3)"
},
{
"status": "affected",
"version": "7.1(2)N1(1a)"
},
{
"status": "affected",
"version": "7.0(3)I7(1)"
},
{
"status": "affected",
"version": "6.2(21)"
},
{
"status": "affected",
"version": "7.0(3)F2(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(7b)"
},
{
"status": "affected",
"version": "6.2(11c)"
},
{
"status": "affected",
"version": "7.0(3)F1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(1a)"
},
{
"status": "affected",
"version": "7.1(0)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)A6(2)"
},
{
"status": "affected",
"version": "7.1(4)N1(1)"
},
{
"status": "affected",
"version": "6.0(2)A8(4a)"
},
{
"status": "affected",
"version": "6.0(2)U6(4)"
},
{
"status": "affected",
"version": "8.4(1a)"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "7.3(7)N1(1)"
},
{
"status": "affected",
"version": "6.2(31)"
},
{
"status": "affected",
"version": "7.0(3)I7(8)"
},
{
"status": "affected",
"version": "6.0(2)U6(10a)"
},
{
"status": "affected",
"version": "7.3(7)N1(1a)"
},
{
"status": "affected",
"version": "9.3(4)"
},
{
"status": "affected",
"version": "6.2(33)"
},
{
"status": "affected",
"version": "9.3(5)"
},
{
"status": "affected",
"version": "8.4(2a)"
},
{
"status": "affected",
"version": "8.4(2b)"
},
{
"status": "affected",
"version": "7.3(8)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I7(9)"
},
{
"status": "affected",
"version": "7.3(7)N1(1b)"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "9.3(6)"
},
{
"status": "affected",
"version": "10.1(2)"
},
{
"status": "affected",
"version": "10.1(1)"
},
{
"status": "affected",
"version": "8.4(2c)"
},
{
"status": "affected",
"version": "9.3(5w)"
},
{
"status": "affected",
"version": "7.3(9)N1(1)"
},
{
"status": "affected",
"version": "9.3(7)"
},
{
"status": "affected",
"version": "9.3(7k)"
},
{
"status": "affected",
"version": "7.0(3)I7(9w)"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "7.3(8)N1(1a)"
},
{
"status": "affected",
"version": "9.3(7a)"
},
{
"status": "affected",
"version": "9.3(8)"
},
{
"status": "affected",
"version": "8.4(2d)"
},
{
"status": "affected",
"version": "7.3(10)N1(1)"
},
{
"status": "affected",
"version": "7.0(3)I7(10)"
},
{
"status": "affected",
"version": "7.3(8)N1(1b)"
},
{
"status": "affected",
"version": "10.2(1q)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "9.3(9)"
},
{
"status": "affected",
"version": "10.1(2t)"
},
{
"status": "affected",
"version": "7.3(11)N1(1)"
},
{
"status": "affected",
"version": "10.2(3)"
},
{
"status": "affected",
"version": "10.2(3t)"
},
{
"status": "affected",
"version": "8.4(2e)"
},
{
"status": "affected",
"version": "9.3(10)"
},
{
"status": "affected",
"version": "7.3(11)N1(1a)"
},
{
"status": "affected",
"version": "10.2(2a)"
},
{
"status": "affected",
"version": "7.3(12)N1(1)"
},
{
"status": "affected",
"version": "9.2(1a)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.2(4)"
},
{
"status": "affected",
"version": "7.3(13)N1(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "9.3(11)"
},
{
"status": "affected",
"version": "10.3(3)"
},
{
"status": "affected",
"version": "10.2(5)"
},
{
"status": "affected",
"version": "9.4(1)"
},
{
"status": "affected",
"version": "9.3(2a)"
},
{
"status": "affected",
"version": "8.4(2f)"
},
{
"status": "affected",
"version": "9.3(12)"
},
{
"status": "affected",
"version": "10.2(3v)"
},
{
"status": "affected",
"version": "10.4(1)"
},
{
"status": "affected",
"version": "10.3(99w)"
},
{
"status": "affected",
"version": "7.3(14)N1(1)"
},
{
"status": "affected",
"version": "10.2(6)"
},
{
"status": "affected",
"version": "10.3(3w)"
},
{
"status": "affected",
"version": "10.3(99x)"
},
{
"status": "affected",
"version": "10.3(3o)"
},
{
"status": "affected",
"version": "10.3(4)"
},
{
"status": "affected",
"version": "10.3(3p)"
},
{
"status": "affected",
"version": "10.3(4a)"
},
{
"status": "affected",
"version": "9.4(1a)"
},
{
"status": "affected",
"version": "10.4(2)"
},
{
"status": "affected",
"version": "10.3(3q)"
},
{
"status": "affected",
"version": "9.3(13)"
},
{
"status": "affected",
"version": "10.3(5)"
},
{
"status": "affected",
"version": "10.2(7)"
},
{
"status": "affected",
"version": "10.4(3)"
},
{
"status": "affected",
"version": "10.3(3x)"
},
{
"status": "affected",
"version": "10.3(4g)"
},
{
"status": "affected",
"version": "10.3(3r)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.\u0026nbsp;\r\nNote: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-653",
"description": "Insufficient Compartmentalization",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:37:27.149Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nxos-psbe-ce-YvbTn5du",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-psbe-ce-YvbTn5du"
},
{
"name": "Cisco NX-OS Security with Python",
"url": "https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/programmability/cisco-nexus-9000-series-nx-os-programmability-guide-105x/m-n9k-python-api-101x.html?bookSearch=true#concept_A2CFF094ADCB414C983EA06AD8E9A410"
}
],
"source": {
"advisory": "cisco-sa-nxos-psbe-ce-YvbTn5du",
"defects": [
"CSCwh77780"
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Python Parser Escape Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20285",
"datePublished": "2024-08-28T16:37:27.149Z",
"dateReserved": "2023-11-08T15:08:07.626Z",
"dateUpdated": "2024-08-28T17:19:57.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20289 (GCVE-0-2024-20289)
Vulnerability from cvelistv5 – Published: 2024-08-28 16:31 – Updated: 2024-08-28 17:24
VLAI?
EPSS
Title
Cisco NX-OS Software Command Injection Vulnerability
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to execute arbitrary commands on the underlying operating system of an affected device.
This vulnerability is due to insufficient validation of arguments for a specific CLI command. An attacker could exploit this vulnerability by including crafted input as the argument of the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the currently logged-in user.
Severity ?
4.4 (Medium)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Affected:
9.3(3)
Affected: 9.3(4) Affected: 9.3(5) Affected: 9.3(6) Affected: 10.1(2) Affected: 10.1(1) Affected: 9.3(5w) Affected: 9.3(7) Affected: 9.3(7k) Affected: 10.2(1) Affected: 9.3(7a) Affected: 9.3(8) Affected: 10.2(1q) Affected: 10.2(2) Affected: 9.3(9) Affected: 10.1(2t) Affected: 10.2(3) Affected: 10.2(3t) Affected: 9.3(10) Affected: 10.2(2a) Affected: 10.3(1) Affected: 10.2(4) Affected: 10.3(2) Affected: 9.3(11) Affected: 10.3(3) Affected: 10.2(5) Affected: 9.3(12) Affected: 10.2(3v) Affected: 10.4(1) Affected: 10.3(99w) Affected: 10.2(6) Affected: 10.3(3w) Affected: 10.3(99x) Affected: 10.3(3o) Affected: 10.3(4) Affected: 10.3(3p) Affected: 10.3(4a) Affected: 10.4(2) Affected: 10.3(3q) Affected: 10.3(3x) Affected: 10.3(4g) Affected: 10.3(3r) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20289",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T17:24:09.815266Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:24:18.101Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "9.3(4)"
},
{
"status": "affected",
"version": "9.3(5)"
},
{
"status": "affected",
"version": "9.3(6)"
},
{
"status": "affected",
"version": "10.1(2)"
},
{
"status": "affected",
"version": "10.1(1)"
},
{
"status": "affected",
"version": "9.3(5w)"
},
{
"status": "affected",
"version": "9.3(7)"
},
{
"status": "affected",
"version": "9.3(7k)"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "9.3(7a)"
},
{
"status": "affected",
"version": "9.3(8)"
},
{
"status": "affected",
"version": "10.2(1q)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "9.3(9)"
},
{
"status": "affected",
"version": "10.1(2t)"
},
{
"status": "affected",
"version": "10.2(3)"
},
{
"status": "affected",
"version": "10.2(3t)"
},
{
"status": "affected",
"version": "9.3(10)"
},
{
"status": "affected",
"version": "10.2(2a)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.2(4)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "9.3(11)"
},
{
"status": "affected",
"version": "10.3(3)"
},
{
"status": "affected",
"version": "10.2(5)"
},
{
"status": "affected",
"version": "9.3(12)"
},
{
"status": "affected",
"version": "10.2(3v)"
},
{
"status": "affected",
"version": "10.4(1)"
},
{
"status": "affected",
"version": "10.3(99w)"
},
{
"status": "affected",
"version": "10.2(6)"
},
{
"status": "affected",
"version": "10.3(3w)"
},
{
"status": "affected",
"version": "10.3(99x)"
},
{
"status": "affected",
"version": "10.3(3o)"
},
{
"status": "affected",
"version": "10.3(4)"
},
{
"status": "affected",
"version": "10.3(3p)"
},
{
"status": "affected",
"version": "10.3(4a)"
},
{
"status": "affected",
"version": "10.4(2)"
},
{
"status": "affected",
"version": "10.3(3q)"
},
{
"status": "affected",
"version": "10.3(3x)"
},
{
"status": "affected",
"version": "10.3(4g)"
},
{
"status": "affected",
"version": "10.3(3r)"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco NX-OS System Software in ACI Mode",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "16.0(2h)"
},
{
"status": "affected",
"version": "16.0(2j)"
},
{
"status": "affected",
"version": "16.0(3d)"
},
{
"status": "affected",
"version": "16.0(3e)"
},
{
"status": "affected",
"version": "16.0(4c)"
},
{
"status": "affected",
"version": "16.0(5h)"
},
{
"status": "affected",
"version": "16.0(3g)"
},
{
"status": "affected",
"version": "16.0(5j)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to execute arbitrary commands on the underlying operating system of an affected device.\u0026nbsp;\r\n\r\nThis vulnerability is due to insufficient validation of arguments for a specific CLI command. An attacker could exploit this vulnerability by including crafted input as the argument of the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the currently logged-in user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:31:23.856Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nxos-cmdinj-Lq6jsZhH",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmdinj-Lq6jsZhH"
}
],
"source": {
"advisory": "cisco-sa-nxos-cmdinj-Lq6jsZhH",
"defects": [
"CSCwh77786"
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20289",
"datePublished": "2024-08-28T16:31:23.856Z",
"dateReserved": "2023-11-08T15:08:07.627Z",
"dateUpdated": "2024-08-28T17:24:18.101Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20446 (GCVE-0-2024-20446)
Vulnerability from cvelistv5 – Published: 2024-08-28 16:31 – Updated: 2024-08-28 18:49
VLAI?
EPSS
Title
Cisco NX-OS Software DHCPv6 Relay Agent Denial of Service Vulnerability
Summary
A vulnerability in the DHCPv6 relay agent of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to improper handling of specific fields in a DHCPv6 RELAY-REPLY message. An attacker could exploit this vulnerability by sending a crafted DHCPv6 packet to any IPv6 address that is configured on an affected device. A successful exploit could allow the attacker to cause the dhcp_snoop process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition.
Severity ?
8.6 (High)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Affected:
10.2(1)
Affected: 10.2(1q) Affected: 9.3(9) Affected: 8.2(11) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:nx-os:10.2\\(1\\):*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nx-os",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "10.2\\(1\\)"
}
]
},
{
"cpes": [
"cpe:2.3:o:cisco:nx-os:10.2\\(1q\\):*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nx-os",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "10.2\\(1q\\)"
}
]
},
{
"cpes": [
"cpe:2.3:o:cisco:nx-os:9.3\\(9\\):*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nx-os",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "9.3\\(9\\)"
}
]
},
{
"cpes": [
"cpe:2.3:o:cisco:nx-os:8.2\\(11\\):*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nx-os",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "8.2\\(11\\)"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20446",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T18:45:44.020456Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T18:49:32.927Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "10.2(1q)"
},
{
"status": "affected",
"version": "9.3(9)"
},
{
"status": "affected",
"version": "8.2(11)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the DHCPv6 relay agent of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to improper handling of specific fields in a DHCPv6 RELAY-REPLY message. An attacker could exploit this vulnerability by sending a crafted DHCPv6 packet to any IPv6 address that is configured on an affected device. A successful exploit could allow the attacker to cause the dhcp_snoop process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:31:32.514Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nxos-dhcp6-relay-dos-znEAA6xn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-dhcp6-relay-dos-znEAA6xn"
}
],
"source": {
"advisory": "cisco-sa-nxos-dhcp6-relay-dos-znEAA6xn",
"defects": [
"CSCwk27906"
],
"discovery": "EXTERNAL"
},
"title": "Cisco NX-OS Software DHCPv6 Relay Agent Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20446",
"datePublished": "2024-08-28T16:31:32.514Z",
"dateReserved": "2023-11-08T15:08:07.678Z",
"dateUpdated": "2024-08-28T18:49:32.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…