CVE-2019-1732: Cisco NX-OS Software Remote Package Manager Command Injection Vulnerability
First published: Wed May 15 2019(Updated: )
A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use (TOCTOU) race condition to corrupt local variables, which could lead to arbitrary command injection. The vulnerability is due to the lack of a proper locking mechanism on critical variables that need to stay static until used. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a set of RPM-related CLI commands. A successful exploit could allow the attacker to perform arbitrary command injection. The attacker would need administrator credentials for the targeted device.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Nx-os | >=7.0\(3\)i4<7.0\(3\)i7\(4\) | |
| Cisco Nexus 3000 | ||
| Cisco Nexus 3100 | ||
| Cisco Nexus 3100-z | ||
| Cisco Nexus 3100v | ||
| Cisco Nexus 3200 | ||
| Cisco Nexus 3400 | ||
| Cisco Nexus 3500 | ||
| Cisco Nexus 3524-x | ||
| Cisco Nexus 3524-xl | ||
| Cisco Nexus 3548-x | ||
| Cisco Nexus 3548-xl | ||
| Cisco Nexus 9000 | ||
| Cisco Nexus 9200 | ||
| Cisco Nexus 9300 | ||
| Cisco Nexus 9500 | ||
| Cisco Nx Os | >=7.0\(3\)<7.0\(3\)f3\(5\) | |
| Cisco Nexus 3600 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS Software?
The vulnerability ID for this vulnerability is CVE-2019-1732.
What is the severity of CVE-2019-1732?
CVE-2019-1732 has a severity keyword of 'medium' and a severity value of 6.4.
How does CVE-2019-1732 impact Cisco NX-OS Software?
CVE-2019-1732 allows an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use (TOCTOU) race condition to corrupt local variables, leading to arbitrary command injection.
What is the affected software for CVE-2019-1732?
The affected software is Cisco NX-OS Software versions 7.0(3)i4 through 7.0(3)i7(4).
How can I fix CVE-2019-1732?
To fix CVE-2019-1732, users should apply the necessary updates provided by Cisco.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/weakness
- agent/author
- agent/severity
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/cisco
- canonical/cisco nx-os
- version/cisco nx-os/7.0\(3\)i4
- canonical/cisco nexus 3000
- canonical/cisco nexus 3100
- canonical/cisco nexus 3100-z
- canonical/cisco nexus 3100v
- canonical/cisco nexus 3200
- canonical/cisco nexus 3400
- canonical/cisco nexus 3500
- canonical/cisco nexus 3524-x
- canonical/cisco nexus 3524-xl
- canonical/cisco nexus 3548-x
- canonical/cisco nexus 3548-xl
- canonical/cisco nexus 9000
- canonical/cisco nexus 9200
- canonical/cisco nexus 9300
- canonical/cisco nexus 9500
- canonical/cisco nx os
- version/cisco nx os/7.0\(3\)
- canonical/cisco nexus 3600