Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Shell Escape Vulnerability

Advisory ID: CISCO-SA-20190306-ACI-SHELL-ESCAPE
Vendor: Cisco
Date: 2019-03-06 16:00:00
Source: tools.cisco.com
EPSS: 0
Percentile: 5.2%

A vulnerability in a specific CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escape a restricted shell on an affected device.

The vulnerability is due to insufficient sanitization of user-supplied input when issuing a specific CLI command with parameters on an affected device. An attacker could exploit this vulnerability by authenticating to the device CLI and issuing certain commands. A successful exploit could allow the attacker to escape the restricted shell and execute arbitrary commands with root-level privileges on the affected device.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-shell-escape
This advisory is part of the March 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes 25 Cisco Security Advisories that describe 26 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-70757).

Affected configurations

Vulners node: vendor cisco, product nx_os, matching any of the following versions (OR):

11.0, 11.1, 11.2, 12.0, 12.1, 12.2, 12.3, 13.0, 13.1, 13.2, 11.3, 14.0

11.0(1b), 11.0(1c), 11.0(1d), 11.0(1e), 11.0(2j), 11.0(2m), 11.0(3f), 11.0(3i), 11.0(3k), 11.0(3n), 11.0(3o), 11.0(4h), 11.0(4o), 11.0(4q)

11.1(1j), 11.1(1o), 11.1(1r), 11.1(1s), 11.1(2h), 11.1(2i), 11.1(3f), 11.1(4e), 11.1(4f), 11.1(4g), 11.1(4i), 11.1(4l), 11.1(4m)

11.2(1i), 11.2(2g), 11.2(3c), 11.2(2h), 11.2(2i), 11.2(3e), 11.2(3h), 11.2(3m), 11.2(1k), 11.2(1m), 11.2(2j)

12.0(1m), 12.0(2g), 12.0(1n), 12.0(1o), 12.0(1p), 12.0(1q), 12.0(2h), 12.0(2l), 12.0(2m), 12.0(2n), 12.0(2o), 12.0(2f), 12.0(1r)

12.1(1h), 12.1(2e), 12.1(3g), 12.1(4a), 12.1(1i), 12.1(2g), 12.1(2k), 12.1(3h), 12.1(3j)

12.2(1n), 12.2(2e), 12.2(3j), 12.2(4f), 12.2(4p), 12.2(3p), 12.2(3r), 12.2(3s), 12.2(3t), 12.2(2f), 12.2(2i), 12.2(2j), 12.2(2k), 12.2(2q), 12.2(1o), 12.2(4q), 12.2(4r)

12.3(1e), 12.3(1f), 12.3(1i), 12.3(1l), 12.3(1o), 12.3(1p)

13.0(1k), 13.0(2h), 13.0(2k), 13.0(2n)

13.1(1i), 13.1(2m), 13.1(2o), 13.1(2p), 13.1(2q), 13.1(2s), 13.1(2t)

13.2(1l), 13.2(1m), 13.2(2l), 13.2(2o), 13.2(3i), 13.2(3n), 13.2(3o), 13.2(3r), 13.2(4d), 13.2(4e)

11.3(1g), 11.3(2f), 11.3(1h), 11.3(1i), 11.3(2h), 11.3(2i), 11.3(2k), 11.3(1j), 11.3(2j)

14.0(1h), 14.0(2c)

Vendor  Product  Version  CPE
cisco   nx_os    11.0     cpe:2.3:o:cisco:nx_os:11.0:*:*:*:*:*:*:*
cisco   nx_os    11.1     cpe:2.3:o:cisco:nx_os:11.1:*:*:*:*:*:*:*
cisco   nx_os    11.2     cpe:2.3:o:cisco:nx_os:11.2:*:*:*:*:*:*:*
cisco   nx_os    12.0     cpe:2.3:o:cisco:nx_os:12.0:*:*:*:*:*:*:*
cisco   nx_os    12.1     cpe:2.3:o:cisco:nx_os:12.1:*:*:*:*:*:*:*
cisco   nx_os    12.2     cpe:2.3:o:cisco:nx_os:12.2:*:*:*:*:*:*:*
cisco   nx_os    12.3     cpe:2.3:o:cisco:nx_os:12.3:*:*:*:*:*:*:*
cisco   nx_os    13.0     cpe:2.3:o:cisco:nx_os:13.0:*:*:*:*:*:*:*
cisco   nx_os    13.1     cpe:2.3:o:cisco:nx_os:13.1:*:*:*:*:*:*:*
cisco   nx_os    13.2     cpe:2.3:o:cisco:nx_os:13.2:*:*:*:*:*:*:*
