cisco-sa-nxos-cli-cmdinject-euQVK9u: Cisco NX-OS Software CLI Command Injection Vulnerability
First published: Wed Feb 22 2023(Updated: )
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device.This vulnerability is due to insufficient validation of arguments that are passed to specific CLI
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco NX-OS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-nxos-cli-cmdinject-euQVK9u?
The severity of cisco-sa-nxos-cli-cmdinject-euQVK9u is classified as high, indicating a significant security risk.
How do I fix cisco-sa-nxos-cli-cmdinject-euQVK9u?
To fix cisco-sa-nxos-cli-cmdinject-euQVK9u, update to the latest version of Cisco NX-OS Software as recommended in the advisory.
What kind of attack does cisco-sa-nxos-cli-cmdinject-euQVK9u allow?
cisco-sa-nxos-cli-cmdinject-euQVK9u allows authenticated, local attackers to execute arbitrary commands on the underlying operating system.
What causes the vulnerability identified as cisco-sa-nxos-cli-cmdinject-euQVK9u?
The vulnerability cisco-sa-nxos-cli-cmdinject-euQVK9u is caused by insufficient validation of arguments passed to specific CLI commands.
Who is affected by cisco-sa-nxos-cli-cmdinject-euQVK9u?
All users running affected versions of Cisco NX-OS Software are at risk from cisco-sa-nxos-cli-cmdinject-euQVK9u.
- collector/cisco-recent
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/title
- agent/severity
- agent/weakness
- agent/description
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco nx-os