4 matches found
Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Shell Escape (CVE-2019-1591)
A vulnerability in a specific CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escape a restricted shell on an affected device. The vulnerability is due to insufficient sanitization of user-supplied input when issuing a...
Cisco Nexus 9000 ACI Mode Shell Escape Vulnerability (cisco-sa-20190306-aci-shell-escape)
A shell escape / privilege escalation vulnerability exists in ACI Mode due to insufficient sanitization of user-supplied input. Therefore, an authenticated, remote attacker can exploit this, via a specifically crafted CLI command, to escape the ACI shell and gain root access to the system. Please...
Important: kernel-livepatch-4.14.165-131.185
Issue Overview: An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.CVE-2019-1591 Affected Packages: kernel-livepatch-4.14.165-131.185 Issue...
CVE-2019-1591
CVE-2019-1591 affects Cisco Nexus 9000 Series switches in ACI Mode. Affected due to insufficient sanitization of user input in a specific CLI command, allowing an authenticated, local attacker to escape the restricted shell and execute arbitrary commands with root-level privileges. Affected devic...