Lucene search
CiscoCISCO-SA-20190515-NXOS-CMDINJ-1791HistoryMay 15, 2019 - 4:00 p.m.
Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)
2019-05-1516:00:00
tools.cisco.com
44
0.0004 Low
EPSS
Percentile
5.1%
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device.
The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1791 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1791”]
Affected configurations
Node
cisconx-osMatch6.0\(2\)a8nexus_9000_series
ORcisconx-osMatch6.2nexus_9000_series
ORcisconx-osMatch7.0\(3\)f3nexus_9000_series
ORcisconx-osMatch7.0\(3\)i4nexus_9000_series
ORcisconx-osMatch7.0\(3\)i7nexus_9000_series
ORcisconx-osMatch8.2nexus_9000_series
ORcisconx-osMatch6.0\(2\)a8\(1\)nexus_9000_series
ORcisconx-osMatch6.0\(2\)a8\(2\)nexus_9000_series
ORcisconx-osMatch6.0\(2\)a8\(3\)nexus_9000_series
ORcisconx-osMatch6.0\(2\)a8\(4\)nexus_9000_series
ORcisconx-osMatch6.0\(2\)a8\(4a\)nexus_9000_series
ORcisconx-osMatch6.0\(2\)a8\(5\)nexus_9000_series
ORcisconx-osMatch6.0\(2\)a8\(6\)nexus_9000_series
ORcisconx-osMatch6.0\(2\)a8\(7\)nexus_9000_series
ORcisconx-osMatch6.0\(2\)a8\(7a\)nexus_9000_series
ORcisconx-osMatch6.0\(2\)a8\(7b\)nexus_9000_series
ORcisconx-osMatch6.0\(2\)a8\(8\)nexus_9000_series
ORcisconx-osMatch6.0\(2\)a8\(9\)nexus_9000_series
ORcisconx-osMatch6.0\(2\)a8\(10a\)nexus_9000_series
ORcisconx-osMatch6.0\(2\)a8\(10\)nexus_9000_series
ORcisconx-osMatch6.2\(2\)nexus_9000_series
ORcisconx-osMatch6.2\(2a\)nexus_9000_series
ORcisconx-osMatch6.2\(6\)nexus_9000_series
ORcisconx-osMatch6.2\(6b\)nexus_9000_series
ORcisconx-osMatch6.2\(8\)nexus_9000_series
ORcisconx-osMatch6.2\(8a\)nexus_9000_series
ORcisconx-osMatch6.2\(8b\)nexus_9000_series
ORcisconx-osMatch6.2\(10\)nexus_9000_series
ORcisconx-osMatch6.2\(12\)nexus_9000_series
ORcisconx-osMatch6.2\(18\)nexus_9000_series
ORcisconx-osMatch6.2\(16\)nexus_9000_series
ORcisconx-osMatch6.2\(14b\)nexus_9000_series
ORcisconx-osMatch6.2\(14\)nexus_9000_series
ORcisconx-osMatch6.2\(14a\)nexus_9000_series
ORcisconx-osMatch6.2\(6a\)nexus_9000_series
ORcisconx-osMatch6.2\(20\)nexus_9000_series
ORcisconx-osMatch6.2\(1\)nexus_9000_series
ORcisconx-osMatch6.2\(3\)nexus_9000_series
ORcisconx-osMatch6.2\(5\)nexus_9000_series
ORcisconx-osMatch6.2\(5a\)nexus_9000_series
ORcisconx-osMatch6.2\(5b\)nexus_9000_series
ORcisconx-osMatch6.2\(7\)nexus_9000_series
ORcisconx-osMatch6.2\(9\)nexus_9000_series
ORcisconx-osMatch6.2\(9a\)nexus_9000_series
ORcisconx-osMatch6.2\(9b\)nexus_9000_series
ORcisconx-osMatch6.2\(9c\)nexus_9000_series
ORcisconx-osMatch6.2\(11\)nexus_9000_series
ORcisconx-osMatch6.2\(11b\)nexus_9000_series
ORcisconx-osMatch6.2\(11c\)nexus_9000_series
ORcisconx-osMatch6.2\(11d\)nexus_9000_series
ORcisconx-osMatch6.2\(11e\)nexus_9000_series
ORcisconx-osMatch6.2\(13\)nexus_9000_series
ORcisconx-osMatch6.2\(13a\)nexus_9000_series
ORcisconx-osMatch6.2\(13b\)nexus_9000_series
ORcisconx-osMatch6.2\(15\)nexus_9000_series
ORcisconx-osMatch6.2\(17\)nexus_9000_series
ORcisconx-osMatch6.2\(19\)nexus_9000_series
ORcisconx-osMatch6.2\(21\)nexus_9000_series
ORcisconx-osMatch6.2\(20a\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)f3\(1\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)f3\(2\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)f3\(3\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)f3\(3a\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)f3\(4\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)f3\(3c\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)f3\(3b\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i4\(1\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i4\(2\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i4\(3\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i4\(4\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i4\(5\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i4\(6\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i4\(7\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i4\(8\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i4\(8a\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i4\(8b\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i4\(8z\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i7\(5a\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i7\(1\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i7\(2\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i7\(3\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i7\(4\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i7\(5\)nexus_9000_series
ORcisconx-osMatch7.0\(3\)i7\(5a\)nexus_9000_series
ORcisconx-osMatch8.2\(1\)nexus_9000_series
ORcisconx-osMatch8.2\(2\)nexus_9000_series
Related
cisco
cisco
Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784)
2019-05-15 16:00:00
Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778)
2019-05-15 16:00:00
nessus
nessus
cvelist
cvelist
CVE-2019-1778 Cisco NX-OS Software Command Injection Vulnerability
2019-05-15 00:00:00
CVE-2019-1779 Cisco FXOS and NX-OS Software Command Injection Vulnerability
2019-05-15 00:00:00
CVE-2019-1795 Cisco FXOS and NX-OS Software Command Injection Vulnerability
2019-05-15 00:00:00
prion
prion
Input validation
2019-05-15 20:29:00
Input validation
2019-05-16 17:29:00
Input validation
2019-05-15 20:29:00
cve
cve
nvd
nvd
threatpost
threatpost
Cisco Starts Patching Firmware Bug; Millions of Devices Still Vulnerable
2019-05-21 16:01:08