CVE-2019-1959: Cisco Enterprise NFV Infrastructure Software Arbitrary File Read Vulnerabilities
First published: Thu Aug 08 2019(Updated: )
Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to read arbitrary files on the underlying operating system (OS) of an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Enterprise Network Functions Virtualization Infrastructure Software | <3.11.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-1959?
CVE-2019-1959 is rated as a medium severity vulnerability.
How do I fix CVE-2019-1959?
To fix CVE-2019-1959, update to Cisco Enterprise Network Functions Virtualization Infrastructure Software version 3.11.1 or later.
Who is affected by CVE-2019-1959?
CVE-2019-1959 affects Cisco Enterprise Network Functions Virtualization Infrastructure Software versions prior to 3.11.1.
What type of attacker can exploit CVE-2019-1959?
An authenticated, local attacker can exploit CVE-2019-1959 to read arbitrary files on the operating system.
What are the potential impacts of CVE-2019-1959?
The potential impacts of CVE-2019-1959 include unauthorized access to sensitive files on the affected device's operating system.
- agent/weakness
- agent/type
- agent/softwarecombine
- agent/severity
- agent/references
- agent/title
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco enterprise network functions virtualization infrastructure software