First published: Wed May 15 2019(Updated: )
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Guest Shell prompt. A successful exploit could allow the attacker to issue commands that should be restricted by a Guest Shell account. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-bash-bypass
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco NX-OS Software |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
It is a vulnerability in the Bash shell implementation for Cisco NX-OS Software that allows an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell.
The vulnerability allows an attacker to bypass the restricted Guest Shell and run commands with the network-admin privilege level.
The severity of this vulnerability is medium with a severity value of 6 out of 10.
The attacker needs to have authenticated access to the target device and can then exploit the vulnerability to execute unauthorized commands.
There is no specific remedy provided by Cisco for this vulnerability, but updating the affected software to the latest version may mitigate the risk.