The vulnerability of the command-line interface of the Cisco NX-OSS network operating system in Cisco devices allows a attacker to gain access to internal services.

🗓️ 14 Jun 2019 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Cisco NX-OSS CLI vulnerability due to insufficient argument validation enables attackers to access internal services.

Reporter	Title	Published	Views	Family All 21
BDU FSTEC	The vulnerability of the NX-API Sandbox interface of the Cisco NX-OS routing system’s Cisco routers allows attackers to perform cross-site scripting attacks.	14 Jun 201900:00	–	bdu_fstec
Cisco	Cisco NX-OS Software CLI Bypass to Internal Service Vulnerability	16 May 201916:00	–	cisco
Cisco	Cisco NX-OS Software NX-API Sandbox Cross-Site Scripting Vulnerability	15 May 201916:00	–	cisco
Tenable Nessus	Cisco NX-OS Software CLI to Internal Service Bypass (cisco-sa-20190515-nxos-cli-bypass)	18 Aug 202000:00	–	nessus
Tenable Nessus	Cisco NX-OS Software NX-API Sandbox Cross-Site Scripting Vulnerability	3 Jun 201900:00	–	nessus
Tenable Nessus	Cisco NX-OS Software CLI Bypass to Internal Service (CVE-2019-1726)	25 Jul 202300:00	–	nessus
Tenable Nessus	Cisco NX-OS Software NX-API Sandbox Cross-site Scripting (CVE-2019-1733)	25 Jul 202300:00	–	nessus
CVE	CVE-2019-1726	15 May 201916:40	–	cve
CVE	CVE-2019-1733	15 May 201916:50	–	cve
Cvelist	CVE-2019-1726 Cisco NX-OS Software CLI Bypass to Internal Service Vulnerability	15 May 201916:40	–	cvelist

Source	Link
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cli-bypass
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-1733
web	www.web.nvd.nist.gov/view/vuln/detail

23 Mar 2021 00:00Current

6.2Medium risk

Vulners AI Score6.2

CVSS 24.6

CVSS 35.3

EPSS0.00311

Cisco NX-OSS command line interface argument validation internal services