How can an attacker exploit CVE-2019-1768?

An authenticated, local attacker with administrator credentials can exploit CVE-2019-1768 to cause a buffer overflow condition or perform command injection.

What is the severity of CVE-2019-1768?

CVE-2019-1768 has a severity rating of 6.7 (high).

Which software versions are affected by CVE-2019-1768?

Cisco NX-OS Software versions up to and excluding 8.3(1) are affected by CVE-2019-1768.

Where can I find more information about CVE-2019-1768?

More information about CVE-2019-1768 can be found at the following references: [SecurityFocus](http://www.securityfocus.com/bid/108386) and [Cisco Security Advisory](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj).

Vulnerability/
CVE-2019-1768

high

7.2

CWE

78 119 77

16/5/2019

20/11/2024

CVE-2019-1768: Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerability

Q: What is CVE-2019-1768?

CVE-2019-1768 is a vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software.

First published: Thu May 16 2019(Updated: )

A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco NX-OS	<8.3\(1\)
Cisco Nexus 3016Q Firmware
Cisco Nexus 3048 Firmware
Cisco Nexus 3064 Firmware
Cisco Nexus 3064
Cisco Nexus 31108PC-V Firmware
Cisco Nexus 31108TC-V Firmware
Cisco Nexus 31128PQ
Cisco Nexus 3132C-Z Firmware
Cisco Nexus 3132Q-XL
Cisco Nexus 3132Q-V Firmware
Cisco Nexus 3132Q-XL Firmware
Cisco Nexus 3164Q Firmware
Cisco Nexus 3172 Firmware
Cisco Nexus 3172PQ-XL Firmware
Cisco Nexus 3172TQ Firmware
Cisco Nexus 3172TQ-XL
Cisco Nexus 3172TQ-XL Firmware
Cisco Nexus 3232C
Cisco Nexus 3264C-E Firmware
Cisco Nexus 3264Q Firmware
Cisco Nexus 3408-S Firmware
Cisco Nexus 34180YC Firmware
Cisco Nexus 3432D-S Firmware
Cisco Nexus 3464C Firmware
Cisco Nexus 3524-xl
Cisco Nexus 3524-xl
Cisco Nexus 3524-XL Firmware
Cisco Nexus 3548-X/XL Firmware
Cisco Nexus 3548-X/XL
Cisco Nexus 3548-X/XL
Cisco Nexus 36180YC-R Firmware
Cisco Nexus 3636C-R Firmware
Cisco NX-OS Nexus 9000 Series
Cisco Nexus 92160YC Switch
Cisco Nexus 92300YC Firmware
Cisco Nexus 92304QC Switch
Cisco Nexus 92348GC-X Switch
Cisco Nexus 9236C Switch
Cisco Nexus 9272Q Switch
Cisco Nexus
Cisco Nexus 93108TC-FX Switch
Cisco Nexus 93120TX Firmware
Cisco Nexus 93128 Firmware
Cisco Nexus 93180LC-EX Switch
Cisco Nexus 93180YC-EX-24
Cisco Nexus 93180YC-FX Firmware
Cisco Nexus 93216TC-FX2 Firmware
Cisco Nexus 93240YC-FX2 Firmware
Cisco Nexus 9332C Firmware
Cisco Nexus 9332PQ Firmware
Cisco Nexus 93360YC-FX2
Cisco Nexus 9336C-FX2 Firmware
Cisco Nexus N9336PQ-X
Cisco Nexus 9348GC-FXP Firmware
Cisco Nexus 9364c-h1
Cisco Nexus 9372PX-E
Cisco Nexus 9372PX-E Firmware
Cisco Nexus 9372TX
Cisco Nexus 9372TX-E Switch
Cisco Nexus 9396PX Firmware
Cisco Nexus 9396TX Firmware
Cisco Nexus 9504 firmware
Cisco Nexus 9508
Cisco Nexus 9516 firmware

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2019-1768?
CVE-2019-1768 is a vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software.
How can an attacker exploit CVE-2019-1768?
An authenticated, local attacker with administrator credentials can exploit CVE-2019-1768 to cause a buffer overflow condition or perform command injection.
What is the severity of CVE-2019-1768?
CVE-2019-1768 has a severity rating of 6.7 (high).
Which software versions are affected by CVE-2019-1768?
Cisco NX-OS Software versions up to and excluding 8.3(1) are affected by CVE-2019-1768.
Where can I find more information about CVE-2019-1768?
More information about CVE-2019-1768 can be found at the following references: [SecurityFocus](http://www.securityfocus.com/bid/108386) and [Cisco Security Advisory](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-overflow-inj).

CVE-2019-1768: Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerability

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2019-1768?

How can an attacker exploit CVE-2019-1768?

What is the severity of CVE-2019-1768?

Which software versions are affected by CVE-2019-1768?

Where can I find more information about CVE-2019-1768?

Company

Resources

Contact