First published: Wed May 15 2019(Updated: )
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Guest Shell prompt. A successful exploit could allow the attacker to issue commands that should be restricted by a Guest Shell account.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco NX-OS | >=7.0\(3\)i4<7.0\(3\)i4\(9\) | |
Cisco NX-OS | >=7.0\(3\)i7<7.0\(3\)i7\(4\) | |
Cisco Nexus 3000 | ||
Cisco Nexus 3100 Firmware | ||
Cisco Nexus 3100-Z firmware | ||
Cisco Nexus 3100V Firmware | ||
Cisco Nexus 3200 | ||
Cisco Nexus 3400 Firmware | ||
Cisco Nexus 3500 Platform | ||
Cisco Nexus 3524-xl | ||
Cisco Nexus 3524-X/XL | ||
Cisco Nexus 3548-X/XL | ||
Cisco Nexus 3548-X/XL | ||
Cisco NX-OS Nexus 9000 Series | ||
Cisco Nexus 92160YC Switch | ||
Cisco Nexus 92300YC Firmware | ||
Cisco Nexus 92304QC Firmware | ||
Cisco Nexus 92348GC-X Switch | ||
Cisco Nexus 9236C | ||
Cisco Nexus 9272Q Switch | ||
Cisco Nexus | ||
Cisco Nexus 93108TC-FX Switch | ||
Cisco Nexus 93120TX Firmware | ||
Cisco Nexus 93128TX | ||
Cisco Nexus 9000 Series Switch | ||
Cisco Nexus 93180YC-EX-24 | ||
Cisco Nexus 93180YC-FX Firmware | ||
Cisco Nexus 93216TC-FX2 Firmware | ||
Cisco Nexus 93240YC-FX2 Firmware | ||
Cisco Nexus 9332C Firmware | ||
Cisco Nexus 9332PQ Firmware | ||
Cisco Nexus 93360YC-FX2 | ||
Cisco Nexus 9336C-FX2 Firmware | ||
Cisco Nexus N9336PQ-X | ||
Cisco Nexus 9348GC-FXP Firmware | ||
Cisco Nexus 9364c-h1 | ||
Cisco Nexus 9372PX-E | ||
Cisco Nexus 9372PX-E Firmware | ||
Cisco Nexus 9372TX Firmware | ||
Cisco Nexus 9372TX-E Switch | ||
Cisco Nexus 9396PX Firmware | ||
Cisco Nexus 9396TX Firmware | ||
Cisco NX-OS | >=8.1<8.3\(1\) | |
Cisco Nexus 7000 Series Switch | ||
Cisco Nexus 7700 Series Switch | ||
Cisco NX-OS | >=7.0\(3\)<7.0\(3\)f3\(5\) | |
Cisco Nexus 36180YC-R Firmware | ||
Cisco Nexus 3636C-R Firmware | ||
Cisco Nexus 9504 Firmware | ||
Cisco Nexus 9508 | ||
Cisco Nexus 9516 firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-1730 is a vulnerability in the Bash shell implementation for Cisco NX-OS Software that allows an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell.
The severity of CVE-2019-1730 is high with a CVSS score of 6.7.
CVE-2019-1730 allows an attacker to execute commands at the privilege level of a network-admin user outside of the Guest Shell.
The affected software for CVE-2019-1730 is Cisco NX-OS Software versions 7.0(3)i4 through 7.0(3)i4(9) and 7.0(3)i7 through 7.0(3)i7(4).
To fix CVE-2019-1730, Cisco recommends upgrading to a fixed software release.