CVE-2019-1735: Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)
First published: Wed May 15 2019(Updated: )
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco NX-OS | <8.3\(1\) | |
| Cisco MDS 9000 Series Multilayer Switches | ||
| Cisco MDS 9100 | ||
| Cisco MDS 9200 | ||
| Cisco MDS 9500 | ||
| Cisco MDS 9700 | ||
| Cisco NX-OS | <7.0\(3\)i7\(6\) | |
| Cisco Nexus 3016Q Firmware | ||
| Cisco Nexus 3048 Firmware | ||
| Cisco Nexus 3064 Firmware | ||
| Cisco Nexus 3064 | ||
| Cisco Nexus 31108PC-V Firmware | ||
| Cisco Nexus 31108TC-V Firmware | ||
| Cisco Nexus 31128PQ | ||
| Cisco Nexus 3132C-Z Firmware | ||
| Cisco Nexus 3132Q-XL | ||
| Cisco Nexus 3132Q-V Firmware | ||
| Cisco Nexus 3132Q-XL Firmware | ||
| Cisco Nexus 3164Q Firmware | ||
| Cisco Nexus 3172 Firmware | ||
| Cisco Nexus 3172PQ-XL Firmware | ||
| Cisco Nexus 3172TQ Firmware | ||
| Cisco Nexus 3172TQ-XL | ||
| Cisco Nexus 3172TQ-XL Firmware | ||
| Cisco Nexus 3232C | ||
| Cisco Nexus 3264C-E Firmware | ||
| Cisco Nexus 3264Q Firmware | ||
| Cisco Nexus 3408-S Firmware | ||
| Cisco Nexus 34180YC Firmware | ||
| Cisco Nexus 3432D-S Firmware | ||
| Cisco Nexus 3464C Firmware | ||
| Cisco NX-OS Nexus 9000 Series | ||
| Cisco Nexus 92160YC Switch | ||
| Cisco Nexus 92300YC Firmware | ||
| Cisco Nexus 92304QC Switch | ||
| Cisco Nexus 92348GC-X Switch | ||
| Cisco Nexus 9236C Switch | ||
| Cisco Nexus 9272Q Switch | ||
| Cisco Nexus | ||
| Cisco Nexus 93108TC-FX Switch | ||
| Cisco Nexus 93120TX Firmware | ||
| Cisco Nexus 93128 Firmware | ||
| Cisco Nexus 93180LC-EX Switch | ||
| Cisco Nexus 93180YC-EX-24 | ||
| Cisco Nexus 93180YC-FX Firmware | ||
| Cisco Nexus 93216TC-FX2 Firmware | ||
| Cisco Nexus 93240YC-FX2 Firmware | ||
| Cisco Nexus 9332C Firmware | ||
| Cisco Nexus 9332PQ Firmware | ||
| Cisco Nexus 93360YC-FX2 | ||
| Cisco Nexus 9336C-FX2 Firmware | ||
| Cisco Nexus N9336PQ-X | ||
| Cisco Nexus 9348GC-FXP Firmware | ||
| Cisco Nexus 9364c-h1 | ||
| Cisco Nexus 9372PX-E | ||
| Cisco Nexus 9372PX-E Firmware | ||
| Cisco Nexus 9372TX | ||
| Cisco Nexus 9372TX-E Switch | ||
| Cisco Nexus 9396PX Firmware | ||
| Cisco Nexus 9396TX Firmware | ||
| Cisco Nexus 9504 firmware | ||
| Cisco Nexus 9508 | ||
| Cisco Nexus 9516 firmware | ||
| Cisco NX-OS | <6.0\(2\)a8\(11\) | |
| Cisco NX-OS | >=7.0\(3\)i4<7.0\(3\)i7\(6\) | |
| Cisco Nexus 3524-xl | ||
| Cisco Nexus 3524-xl | ||
| Cisco Nexus 3524-XL Firmware | ||
| Cisco Nexus 3548-X/XL Firmware | ||
| Cisco Nexus 3548-X/XL | ||
| Cisco Nexus 3548-X/XL | ||
| Cisco NX-OS | >=7.3<7.3\(4\)n1\(1\) | |
| Cisco NX-OS for Nexus 5500 Platform Switches | ||
| Cisco Nexus 5600 Firmware | ||
| Cisco Nexus 6000 firmware | ||
| Cisco NX-OS | >=6.2<6.2\(22\) | |
| Cisco NX-OS | >=7.2<7.3\(3\)d1\(1\) | |
| Cisco NX-OS | >=8.0<8.3\(1\) | |
| Cisco Nexus 7000 | ||
| Cisco Nexus 7700 series | ||
| Cisco NX-OS | <4.0\(2a\) | |
| Cisco UCS 6248UP | ||
| Cisco UCS 6296UP | ||
| Cisco UCS 6324 firmware | ||
| Cisco UCS 6332 | ||
| Cisco UCS 6332-16UP | ||
| Cisco NX-OS | >=5.2<=5.2\(1\)sv5\(1.1\) | |
| Cisco Nexus 1000 Virtual Edge | ||
| Cisco NX-OS | <=5.2 | |
| Cisco Nexus 1000V for Hyper-V | ||
| Cisco NX-OS | <5.2\(1\)sv3\(4.1a\) | |
| Cisco Nexus 1000V | ||
| Cisco NX-OS | >=7.0\(3\)<7.0\(3\)f3\(5\) | |
| Cisco Nexus 36180YC-R Firmware | ||
| Cisco Nexus 3636C-R Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-1735?
The severity of CVE-2019-1735 is rated as high due to the potential for authenticated attackers to execute arbitrary commands with elevated privileges.
How do I fix CVE-2019-1735?
To fix CVE-2019-1735, update your Cisco NX-OS Software to the latest version that is not affected by this vulnerability.
Which versions of Cisco NX-OS are affected by CVE-2019-1735?
Cisco NX-OS versions prior to 8.3(1) and between 7.0(3)i4 and 7.0(3)i7(6) are affected by CVE-2019-1735.
Can CVE-2019-1735 be exploited remotely?
No, CVE-2019-1735 requires local authentication, meaning an attacker must have local access to the device to exploit the vulnerability.
What type of devices are impacted by CVE-2019-1735?
CVE-2019-1735 impacts devices running Cisco NX-OS Software, specifically those versions noted in the advisory.
- agent/references
- agent/type
- agent/title
- agent/weakness
- agent/author
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco nx-os
- canonical/cisco mds 9000 series multilayer switches
- canonical/cisco mds 9100
- canonical/cisco mds 9200
- canonical/cisco mds 9500
- canonical/cisco mds 9700
- canonical/cisco nexus 3016q firmware
- canonical/cisco nexus 3048 firmware
- canonical/cisco nexus 3064 firmware
- canonical/cisco nexus 3064
- canonical/cisco nexus 31108pc-v firmware
- canonical/cisco nexus 31108tc-v firmware
- canonical/cisco nexus 31128pq
- canonical/cisco nexus 3132c-z firmware
- canonical/cisco nexus 3132q-xl
- canonical/cisco nexus 3132q-v firmware
- canonical/cisco nexus 3132q-xl firmware
- canonical/cisco nexus 3164q firmware
- canonical/cisco nexus 3172 firmware
- canonical/cisco nexus 3172pq-xl firmware
- canonical/cisco nexus 3172tq firmware
- canonical/cisco nexus 3172tq-xl
- canonical/cisco nexus 3172tq-xl firmware
- canonical/cisco nexus 3232c
- canonical/cisco nexus 3264c-e firmware
- canonical/cisco nexus 3264q firmware
- canonical/cisco nexus 3408-s firmware
- canonical/cisco nexus 34180yc firmware
- canonical/cisco nexus 3432d-s firmware
- canonical/cisco nexus 3464c firmware
- canonical/cisco nx-os nexus 9000 series
- canonical/cisco nexus 92160yc switch
- canonical/cisco nexus 92300yc firmware
- canonical/cisco nexus 92304qc switch
- canonical/cisco nexus 92348gc-x switch
- canonical/cisco nexus 9236c switch
- canonical/cisco nexus 9272q switch
- canonical/cisco nexus
- canonical/cisco nexus 93108tc-fx switch
- canonical/cisco nexus 93120tx firmware
- canonical/cisco nexus 93128 firmware
- canonical/cisco nexus 93180lc-ex switch
- canonical/cisco nexus 93180yc-ex-24
- canonical/cisco nexus 93180yc-fx firmware
- canonical/cisco nexus 93216tc-fx2 firmware
- canonical/cisco nexus 93240yc-fx2 firmware
- canonical/cisco nexus 9332c firmware
- canonical/cisco nexus 9332pq firmware
- canonical/cisco nexus 93360yc-fx2
- canonical/cisco nexus 9336c-fx2 firmware
- canonical/cisco nexus n9336pq-x
- canonical/cisco nexus 9348gc-fxp firmware
- canonical/cisco nexus 9364c-h1
- canonical/cisco nexus 9372px-e
- canonical/cisco nexus 9372px-e firmware
- canonical/cisco nexus 9372tx
- canonical/cisco nexus 9372tx-e switch
- canonical/cisco nexus 9396px firmware
- canonical/cisco nexus 9396tx firmware
- canonical/cisco nexus 9504 firmware
- canonical/cisco nexus 9508
- canonical/cisco nexus 9516 firmware
- version/cisco nx-os/7.0\(3\)i4
- canonical/cisco nexus 3524-xl
- canonical/cisco nexus 3524-xl firmware
- canonical/cisco nexus 3548-x/xl firmware
- canonical/cisco nexus 3548-x/xl
- version/cisco nx-os/7.3
- canonical/cisco nx-os for nexus 5500 platform switches
- canonical/cisco nexus 5600 firmware
- canonical/cisco nexus 6000 firmware
- version/cisco nx-os/6.2
- version/cisco nx-os/7.2
- version/cisco nx-os/8.0
- canonical/cisco nexus 7000
- canonical/cisco nexus 7700 series
- canonical/cisco ucs 6248up
- canonical/cisco ucs 6296up
- canonical/cisco ucs 6324 firmware
- canonical/cisco ucs 6332
- canonical/cisco ucs 6332-16up
- version/cisco nx-os/5.2
- version/cisco nx-os/5.2\(1\)sv5\(1.1\)
- canonical/cisco nexus 1000 virtual edge
- canonical/cisco nexus 1000v for hyper-v
- canonical/cisco nexus 1000v
- version/cisco nx-os/7.0\(3\)
- canonical/cisco nexus 36180yc-r firmware
- canonical/cisco nexus 3636c-r firmware