Lucene search

K
cveCiscoCVE-2019-1781
HistoryMay 15, 2019 - 8:29 p.m.

CVE-2019-1781

2019-05-1520:29:01
CWE-77
CWE-88
cisco
web.nvd.nist.gov
32
cve-2019-1781
cisco
fxos software
nx-os software
vulnerability
cli
local attacker
arbitrary commands
nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.6

Confidence

High

EPSS

0

Percentile

5.1%

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.

Affected configurations

Nvd
Vulners
Node
cisconx-osRange5.26.2\(25\)
OR
cisconx-osRange7.38.3\(2\)
AND
ciscomds_9132tMatch-
OR
ciscomds_9148sMatch-
OR
ciscomds_9148tMatch-
OR
ciscomds_9222iMatch-
OR
ciscomds_9250iMatch-
OR
ciscomds_9706Match-
OR
ciscomds_9710Match-
OR
ciscomds_9718Match-
Node
cisconx-osRange<7.0\(3\)i4\(9\)
OR
cisconx-osRange7.0\(3\)i77.0\(3\)i7\(4\)
AND
cisconexus_3016Match-
OR
cisconexus_3048Match-
OR
cisconexus_3064Match-
OR
cisconexus_3064-tMatch-
OR
cisconexus_31108pc-vMatch-
OR
cisconexus_31108tc-vMatch-
OR
cisconexus_31128pqMatch-
OR
cisconexus_3132c-zMatch-
OR
cisconexus_3132qMatch-
OR
cisconexus_3132q-vMatch-
OR
cisconexus_3132q-xlMatch-
OR
cisconexus_3164qMatch-
OR
cisconexus_3172Match-
OR
cisconexus_3172pq-xlMatch-
OR
cisconexus_3172tqMatch-
OR
cisconexus_3172tq-32tMatch-
OR
cisconexus_3172tq-xlMatch-
OR
cisconexus_3232cMatch-
OR
cisconexus_3264c-eMatch-
OR
cisconexus_3264qMatch-
OR
cisconexus_3408-sMatch-
OR
cisconexus_34180ycMatch-
OR
cisconexus_3432d-sMatch-
OR
cisconexus_3464cMatch-
OR
cisconexus_9000vMatch-
OR
cisconexus_92160yc-xMatch-
OR
cisconexus_92300ycMatch-
OR
cisconexus_92304qcMatch-
OR
cisconexus_92348gc-xMatch-
OR
cisconexus_9236cMatch-
OR
cisconexus_9272qMatch-
OR
cisconexus_93108tc-exMatch-
OR
cisconexus_93108tc-fxMatch-
OR
cisconexus_93120txMatch-
OR
cisconexus_93128txMatch-
OR
cisconexus_93180lc-exMatch-
OR
cisconexus_93180yc-exMatch-
OR
cisconexus_93180yc-fxMatch-
OR
cisconexus_93216tc-fx2Match-
OR
cisconexus_93240yc-fx2Match-
OR
cisconexus_9332cMatch-
OR
cisconexus_9332pqMatch-
OR
cisconexus_93360yc-fx2Match-
OR
cisconexus_9336c-fx2Match-
OR
cisconexus_9336pq_aci_spineMatch-
OR
cisconexus_9348gc-fxpMatch-
OR
cisconexus_9364cMatch-
OR
cisconexus_9372pxMatch-
OR
cisconexus_9372px-eMatch-
OR
cisconexus_9372txMatch-
OR
cisconexus_9372tx-eMatch-
OR
cisconexus_9396pxMatch-
OR
cisconexus_9396txMatch-
Node
cisconx-osRange<7.3\(4\)n1\(1\)
AND
cisconexus_5548pMatch-
OR
cisconexus_5548upMatch-
OR
cisconexus_5596tMatch-
OR
cisconexus_5596upMatch-
OR
cisconexus_56128pMatch-
OR
cisconexus_5624qMatch-
OR
cisconexus_5648qMatch-
OR
cisconexus_5672upMatch-
OR
cisconexus_5696qMatch-
OR
cisconexus_6001Match-
OR
cisconexus_6004Match-
Node
cisconx-osRange<6.2\(22\)
OR
cisconx-osRange7.27.3\(3\)d1\(1\)
OR
cisconx-osRange8.08.2\(3\)
OR
cisconx-osRange8.38.3\(1\)
AND
cisconexus_7000Match-
OR
cisconexus_7700Match-
Node
ciscofx-osRange<2.2.2.91
OR
ciscofx-osRange2.32.3.1.130
OR
ciscofx-osRange2.42.4.1.222
AND
ciscofirepower_4110Match-
OR
ciscofirepower_4120Match-
OR
ciscofirepower_4140Match-
OR
ciscofirepower_4150Match-
OR
ciscofirepower_9300Match-
Node
cisconx-osRange<6.0\(2\)a8\(11\)
OR
cisconx-osRange7.0\(3\)i47.0\(3\)i4\(9\)
OR
cisconx-osRange7.0\(3\)i77.0\(3\)i7\(4\)
AND
cisconexus_3524Match-
OR
cisconexus_3524-xMatch-
OR
cisconexus_3524-xlMatch-
OR
cisconexus_3548Match-
OR
cisconexus_3548-xMatch-
OR
cisconexus_3548-xlMatch-
Node
cisconx-osRange<4.0\(1a\)
AND
ciscoucs_6248upMatch-
OR
ciscoucs_6296upMatch-
OR
ciscoucs_6324Match-
OR
ciscoucs_6332Match-
OR
ciscoucs_6332-16upMatch-
Node
cisconx-osRange7.0\(3\)7.0\(3\)f3\(5\)
AND
cisconexus_36180yc-rMatch-
OR
cisconexus_3636c-rMatch-
OR
cisconexus_9504Match-
OR
cisconexus_9508Match-
OR
cisconexus_9516Match-
VendorProductVersionCPE
cisconx-os*cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*
ciscomds_9132t-cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*
ciscomds_9148s-cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*
ciscomds_9148t-cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*
ciscomds_9222i-cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*
ciscomds_9250i-cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*
ciscomds_9706-cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*
ciscomds_9710-cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*
ciscomds_9718-cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*
cisconexus_3016-cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 971

CNA Affected

[
  {
    "product": "Cisco NX-OS Software",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "8.3(1)",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.6

Confidence

High

EPSS

0

Percentile

5.1%

Related for CVE-2019-1781