{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T04:34:53.465","vulnerabilities":[{"cve":{"id":"CVE-2019-1585","sourceIdentifier":"psirt@cisco.com","published":"2019-03-06T21:29:00.323","lastModified":"2024-11-21T04:36:51.620","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers files for the bashroot component on an affected device. An attacker could exploit this vulnerability by authenticating to the affected device with a crafted user ID, which may allow temporary administrative access to escalate privileges. A successful exploit could allow the attacker to escalate privileges on an affected device. This Vulnerability has been fixed in version 4.0(1h)"},{"lang":"es","value":"Una vulnerabilidad en la funcionalidad de autorización de Cisco Nexus 9000 Series ACI Mode Switch Software puede permitir a un atacante local autenticado escalar usuarios estándares con privilegios root en un dispositivo afectado. La vulnerabilidad se debe a una mala configuración de determinados archivos sudoers para el componente bashroot en un dispositivo afectado. Un atacante podría explotar esta vulnerabilidad autenticándose en el dispositivo afectado con un ID de usuario manipulado, el cual podría permitir el acceso del administrador temporal para escalar privilegios. Un exploit exitoso podría permitir que el atacante escale sus privilegios en el dispositivo afectado. Esta vulnerabilidad se ha solucionado en la versión 4.0(1h)."}],"metrics":{"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-16"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-16"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:nx-os:8.3\\(0\\)sk\\(0.39\\):*:*:*:*:*:*:*","matchCriteriaId":"39E9A017-225B-4FCB-A5AA-8CEA1435A1AE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*","matchCriteriaId":"4283E433-7F8C-4410-B565-471415445811"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*","matchCriteriaId":"D5B2E4C1-2627-4B9D-8E92-4B483F647651"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*","matchCriteriaId":"11411BFD-3F4D-4309-AB35-A3629A360FB0"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*","matchCriteriaId":"E663DE91-C86D-48DC-B771-FA72A8DF7A7C"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*","matchCriteriaId":"A90184B3-C82F-4CE5-B2AD-97D5E4690871"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*","matchCriteriaId":"07DE6F63-2C7D-415B-8C34-01EC05C062F3"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*","matchCriteriaId":"F423E45D-A6DD-4305-9C6A-EAB26293E53A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*","matchCriteriaId":"F70D81F1-8B12-4474-9060-B4934D8A3873"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*","matchCriteriaId":"113772B6-E9D2-4094-9468-3F4E1A87D07D"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*","matchCriteriaId":"785FD17C-F32E-4042-9DDE-A89B3AAE0334"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*","matchCriteriaId":"4364ADB9-8162-451D-806A-B98924E6B2CF"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*","matchCriteriaId":"49E0371B-FDE2-473C-AA59-47E1269D050F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*","matchCriteriaId":"1BC5293E-F2B4-46DC-85DA-167EA323FCFD"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*","matchCriteriaId":"EA022E77-6557-4A33-9A3A-D028E2DB669A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*","matchCriteriaId":"63BE0266-1C00-4D6A-AD96-7F82532ABAA7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*","matchCriteriaId":"768BE390-5ED5-48A7-9E80-C4DE8BA979B1"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*","matchCriteriaId":"DDC2F709-AFBE-48EA-A3A2-DA1134534FB6"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*","matchCriteriaId":"7E02DC82-0D26-436F-BA64-73C958932B0A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:application_policy_infrastructure_controller_software:*:*:*:*:*:*:*:*","versionEndIncluding":"4.0\\(1h\\)","matchCriteriaId":"0CA33812-34D5-4A3D-95A4-D949DE9AC25E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*","matchCriteriaId":"4283E433-7F8C-4410-B565-471415445811"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*","matchCriteriaId":"D5B2E4C1-2627-4B9D-8E92-4B483F647651"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*","matchCriteriaId":"11411BFD-3F4D-4309-AB35-A3629A360FB0"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*","matchCriteriaId":"E663DE91-C86D-48DC-B771-FA72A8DF7A7C"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*","matchCriteriaId":"A90184B3-C82F-4CE5-B2AD-97D5E4690871"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*","matchCriteriaId":"07DE6F63-2C7D-415B-8C34-01EC05C062F3"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*","matchCriteriaId":"F423E45D-A6DD-4305-9C6A-EAB26293E53A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*","matchCriteriaId":"F70D81F1-8B12-4474-9060-B4934D8A3873"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*","matchCriteriaId":"113772B6-E9D2-4094-9468-3F4E1A87D07D"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*","matchCriteriaId":"785FD17C-F32E-4042-9DDE-A89B3AAE0334"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*","matchCriteriaId":"4364ADB9-8162-451D-806A-B98924E6B2CF"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*","matchCriteriaId":"49E0371B-FDE2-473C-AA59-47E1269D050F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*","matchCriteriaId":"1BC5293E-F2B4-46DC-85DA-167EA323FCFD"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*","matchCriteriaId":"EA022E77-6557-4A33-9A3A-D028E2DB669A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*","matchCriteriaId":"63BE0266-1C00-4D6A-AD96-7F82532ABAA7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*","matchCriteriaId":"768BE390-5ED5-48A7-9E80-C4DE8BA979B1"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*","matchCriteriaId":"DDC2F709-AFBE-48EA-A3A2-DA1134534FB6"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*","matchCriteriaId":"7E02DC82-0D26-436F-BA64-73C958932B0A"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/107312","source":"psirt@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/107312","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}