high
7.2
CWE
264
Advisory Published
Updated

CVE-2019-1730

First published: Wed May 15 2019(Updated: )

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Guest Shell prompt. A successful exploit could allow the attacker to issue commands that should be restricted by a Guest Shell account.

Credit: ykramarz@cisco.com

Affected SoftwareAffected VersionHow to fix
Cisco Nx-os>=7.0\(3\)i4<7.0\(3\)i4\(9\)
Cisco Nx-os>=7.0\(3\)i7<7.0\(3\)i7\(4\)
Cisco Nexus 3000
Cisco Nexus 3100
Cisco Nexus 3100-z
Cisco Nexus 3100v
Cisco Nexus 3200
Cisco Nexus 3400
Cisco Nexus 3500
Cisco Nexus 3524-x
Cisco Nexus 3524-xl
Cisco Nexus 3548-x
Cisco Nexus 3548-xl
Cisco Nexus 9000v
Cisco Nexus 92160yc-x
Cisco Nexus 92300yc
Cisco Nexus 92304qc
Cisco Nexus 92348gc-x
Cisco Nexus 9236c
Cisco Nexus 9272q
Cisco Nexus 93108tc-ex
Cisco Nexus 93108tc-fx
Cisco Nexus 93120tx
Cisco Nexus 93128tx
Cisco Nexus 93180lc-ex
Cisco Nexus 93180yc-ex
Cisco Nexus 93180yc-fx
Cisco Nexus 93216tc-fx2
Cisco Nexus 93240yc-fx2
Cisco Nexus 9332c
Cisco Nexus 9332pq
Cisco Nexus 93360yc-fx2
Cisco Nexus 9336c-fx2
Cisco Nexus 9336pq Aci Spine
Cisco Nexus 9348gc-fxp
Cisco Nexus 9364c
Cisco Nexus 9372px
Cisco Nexus 9372px-e
Cisco Nexus 9372tx
Cisco Nexus 9372tx-e
Cisco Nexus 9396px
Cisco Nexus 9396tx
Cisco Nx-os>=8.1<8.3\(1\)
Cisco Nexus 7000
Cisco Nexus 7700
Cisco Nx-os>=7.0\(3\)<7.0\(3\)f3\(5\)
Cisco Nexus 36180yc-r
Cisco Nexus 3636c-r
Cisco Nexus 9504
Cisco Nexus 9508
Cisco Nexus 9516

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2019-1730?

    CVE-2019-1730 is a vulnerability in the Bash shell implementation for Cisco NX-OS Software that allows an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell.

  • What is the severity of CVE-2019-1730?

    The severity of CVE-2019-1730 is high with a CVSS score of 6.7.

  • How does CVE-2019-1730 impact Cisco NX-OS Software?

    CVE-2019-1730 allows an attacker to execute commands at the privilege level of a network-admin user outside of the Guest Shell.

  • What is the affected software for CVE-2019-1730?

    The affected software for CVE-2019-1730 is Cisco NX-OS Software versions 7.0(3)i4 through 7.0(3)i4(9) and 7.0(3)i7 through 7.0(3)i7(4).

  • How can I fix CVE-2019-1730?

    To fix CVE-2019-1730, Cisco recommends upgrading to a fixed software release.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203