Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2019-1732
HistoryMay 15, 2019 - 5:29 p.m.

Race condition

2019-05-1517:29:00
PRIOn knowledge base
www.prio-n.com
2

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.2%

JSON

A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use (TOCTOU) race condition to corrupt local variables, which could lead to arbitrary command injection. The vulnerability is due to the lack of a proper locking mechanism on critical variables that need to stay static until used. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a set of RPM-related CLI commands. A successful exploit could allow the attacker to perform arbitrary command injection. The attacker would need administrator credentials for the targeted device.

Related

cisco 1
cve 1
nessus 2
cvelist 1
nvd 1
cisco
cisco
Cisco NX-OS Software Remote Package Manager Command Injection Vulnerability
2019-05-15 16:00:00
cve
cve
CVE-2019-1732
2019-05-15 17:29:01
nessus
nessus
Cisco NX-OS Software Remote Package Manager Command Injection (CVE-2019-1732)
2023-07-25 00:00:00
Cisco NX-OS Software Remote Package Manager Command Injection Vulnerability (cisco-sa-20190515-nxos-rpm-injec)
2020-05-12 00:00:00
cvelist
cvelist
CVE-2019-1732 Cisco NX-OS Software Remote Package Manager Command Injection Vulnerability
2019-05-15 00:00:00
nvd
nvd
CVE-2019-1732
2019-05-15 17:29:01

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for PRION:CVE-2019-1732
cisco1cve1nessus2cvelist1nvd1