First published: Wed Mar 06 2019(Updated: )
A vulnerability in a specific CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escape a restricted shell on an affected device. The vulnerability is due to insufficient sanitization of user-supplied input when issuing a specific CLI command with parameters on an affected device. An attacker could exploit this vulnerability by authenticating to the device CLI and issuing certain commands. A successful exploit could allow the attacker to escape the restricted shell and execute arbitrary commands with root-level privileges on the affected device. This vulnerability only affects Cisco Nexus 9000 Series ACI Mode Switches that are running a release prior to 14.0(3d).
Credit: ykramarz@cisco.com ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Nx-os | <14.0\(3d\) | |
Cisco Nexus 9000 | ||
All of | ||
Cisco Nx-os | <14.0\(3d\) | |
Cisco Nexus 9000 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Cisco Nexus 9000 Series ACI Mode Switch Software vulnerability is CVE-2019-1591.
The severity of CVE-2019-1591 is high with a CVSS score of 7.8.
CVE-2019-1591 allows an authenticated, local attacker to escape a restricted shell on an affected device.
To fix CVE-2019-1591, Cisco recommends upgrading to a fixed release of the Cisco Nexus 9000 Series ACI Mode Switch Software.
You can find more information about CVE-2019-1591 on the Cisco Security Advisory page and the SecurityFocus website.