{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T05:04:57.029","vulnerabilities":[{"cve":{"id":"CVE-2019-1803","sourceIdentifier":"psirt@cisco.com","published":"2019-05-03T17:29:00.737","lastModified":"2024-11-21T04:37:24.733","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. The vulnerability is due to overly permissive file permissions of specific system files. An attacker could exploit this vulnerability by authenticating to an affected device, creating a crafted command string, and writing this crafted string to a specific file location. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device. The attacker would need to have valid administrator credentials for the device."},{"lang":"es","value":"Una vulnerabilidad en la administración del sistema de archivos para el programa Cisco Nexus 9000 Series Application Centric Infrastructure (ACI), podría permitir a un atacante local autorizado con derechos de administrador conseguir privilegios elevados como usuario tipo root en un dispositivo afectado. La vulnerabilidad se debe a los permisos de archivos excesivamente flexibles de archivos específicos del sistema. Un atacante podría aprovechar esta vulnerabilidad al identificarse en un dispositivo afectado, crear una cadena de comandos creada y escribir esta cadena en una ubicación específica del archivo. Una operación exito podría permitir al atacante ejecutar comandos de sistema operativo arbitrarios tipo root en un dispositivo afectado. El atacante debería tener credenciales de administrador válidas para el dispositivo."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-264"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:nexus_9000_series_application_centric_infrastructure:-:*:*:*:*:*:*:*","matchCriteriaId":"1F856D67-3314-4B08-BD96-DACBFEA6979B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*","matchCriteriaId":"A90184B3-C82F-4CE5-B2AD-97D5E4690871"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*","matchCriteriaId":"07DE6F63-2C7D-415B-8C34-01EC05C062F3"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*","matchCriteriaId":"F423E45D-A6DD-4305-9C6A-EAB26293E53A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*","matchCriteriaId":"E952A96A-0F48-4357-B7DD-1127D8827650"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*","matchCriteriaId":"B7DB6FC5-762A-4F16-AE8C-69330EFCF640"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*","matchCriteriaId":"F70D81F1-8B12-4474-9060-B4934D8A3873"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*","matchCriteriaId":"7349D69B-D8FA-4462-AA28-69DD18A652D9"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*","matchCriteriaId":"113772B6-E9D2-4094-9468-3F4E1A87D07D"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*","matchCriteriaId":"F1FC2B1F-232E-4754-8076-CC82F3648730"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*","matchCriteriaId":"785FD17C-F32E-4042-9DDE-A89B3AAE0334"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*","matchCriteriaId":"17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*","matchCriteriaId":"63842B25-8C32-4988-BBBD-61E9CB09B4F3"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*","matchCriteriaId":"4364ADB9-8162-451D-806A-B98924E6B2CF"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*","matchCriteriaId":"B53BCB42-ED61-4FCF-8068-CB467631C63C"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*","matchCriteriaId":"49E0371B-FDE2-473C-AA59-47E1269D050F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*","matchCriteriaId":"489D11EC-5A18-4F32-BC7C-AC1FCEC27222"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*","matchCriteriaId":"1BC5293E-F2B4-46DC-85DA-167EA323FCFD"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*","matchCriteriaId":"EA022E77-6557-4A33-9A3A-D028E2DB669A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*","matchCriteriaId":"768BE390-5ED5-48A7-9E80-C4DE8BA979B1"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*","matchCriteriaId":"DDC2F709-AFBE-48EA-A3A2-DA1134534FB6"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*","matchCriteriaId":"7E02DC82-0D26-436F-BA64-73C958932B0A"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}