{"containers": {"cna": {"affected": [{"product": "Cisco NX-OS Software", "vendor": "Cisco", "versions": [{"lessThan": "8.3(1)", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2019-05-15T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-05-17T06:06:02", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20190515 Cisco NX-OS Software SSH Key Information Disclosure Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info"}, {"name": "108353", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/108353"}], "source": {"advisory": "cisco-sa-20190515-nxos-ssh-info", "defect": [["CSCvh76123", "CSCvj01385", "CSCvj01386", "CSCvj01393"]], "discovery": "INTERNAL"}, "title": "Cisco NX-OS Software SSH Key Information Disclosure Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2019-05-15T16:00:00-0700", "ID": "CVE-2019-1731", "STATE": "PUBLIC", "TITLE": "Cisco NX-OS Software SSH Key Information Disclosure Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco NX-OS Software", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "8.3(1)"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "}], "impact": {"cvss": {"baseScore": "5.1", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N ", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200"}]}]}, "references": {"reference_data": [{"name": "20190515 Cisco NX-OS Software SSH Key Information Disclosure Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info"}, {"name": "108353", "refsource": "BID", "url": "http://www.securityfocus.com/bid/108353"}]}, "source": {"advisory": "cisco-sa-20190515-nxos-ssh-info", "defect": [["CSCvh76123", "CSCvj01385", "CSCvj01386", "CSCvj01393"]], "discovery": "INTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-1731", "datePublished": "2019-05-15T00:00:00", "dateReserved": "2018-12-06T00:00:00", "dateUpdated": "2019-05-17T06:06:02", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "92B576CF-5EAD-4830-A7B7-ACC434349691", "versionEndExcluding": "7.0\\(3\\)i4\\(9\\)", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF06D835-FBE6-4866-B410-C2F66AEF68CD", "versionEndExcluding": "7.0\\(3\\)i7\\(4\\)", "versionStartIncluding": "7.0\\(3\\)i7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", "matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", "matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", "matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", "matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", "matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", "matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", "matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", "matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", "matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", "matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", "matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", "matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", "matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", "matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", "matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", "matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", "matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B1386A3-38D8-40A7-9828-AF76A910F533", "versionEndExcluding": "6.0\\(2\\)a8\\(10\\)", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "01EAB41F-6AE7-47D9-80EC-C9974E331506", "versionEndExcluding": "7.0\\(3\\)i7\\(4\\)", "versionStartIncluding": "7.0\\(3\\)i4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", "matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", "matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA0C7252-4931-47EF-9AFD-0CE05C786613", "versionEndExcluding": "7.3\\(4\\)n1\\(1\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", "matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", "matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", "matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", "matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F557E38-09F6-42C6-BABA-3C3168B38BBA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", "versionEndExcluding": "7.0\\(3\\)f3\\(5\\)", "versionStartIncluding": "7.0\\(3\\)", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", "matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally."}, {"lang": "es", "value": "Una vulnerabilidad en la funcionalidad de administraci\u00f3n de claves CLI SSH del software Cisco NX-OS podr\u00eda permitir que un atacante local autorizado exponga la clave SSH privada de un usuario a todos los usuarios autorizados en el dispositivo de destino. El atacante debe identificarse con credenciales de dispositivo de administrador v\u00e1lidas. La vulnerabilidad se debe a un manejo de errores incompleto si se produce un tipo de error espec\u00edfico durante la exportaci\u00f3n de la clave SSH. Un atacante podr\u00eda explotar esta vulnerabilidad al identificarse en el dispositivo e ingresar un comando creado en la CLI. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante exponer la clave SSH privada de un usuario. Adem\u00e1s, un tipo de error similar en la importaci\u00f3n de la clave SSH podr\u00eda hacer que la clave privada SSH protegida por contrase\u00f1a se importara involuntariamente."}], "id": "CVE-2019-1731", "lastModified": "2020-10-09T17:14:10.087", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 0.8, "impactScore": 4.2, "source": "ykramarz@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-05-15T17:29:01.780", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/108353"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-755"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

{}