Cisco FXOS and NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1611)

A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI...

Cisco Unified Computing System Fabric Interconnect root Privilege Escalation (CVE-2019-1966)

A vulnerability in a specific CLI command within the local management local-mgmt context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand...

Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Shell Escape (CVE-2019-1591)

A vulnerability in a specific CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escape a restricted shell on an affected device. The vulnerability is due to insufficient sanitization of user-supplied input when issuing a...

Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1607)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker coul...

Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1609)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker coul...

Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed ...

Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1610)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker coul...

Cisco FXOS and NX-OS Software Unauthorized Administrator Account (CVE-2018-0294)

A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete...

Cisco NX-OS Software SSH Key Information Disclosure (CVE-2019-1731)

A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The...

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of...

Cisco NX-OS Software CLI Bypass to Internal Service (CVE-2019-1726)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An...

Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1612)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker coul...

Cisco NX-OS Software Virtualization Manager Command Injection (CVE-2019-12717)

A vulnerability in a CLI command related to the virtualization manager VMAN in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of...

Cisco NX-OS Software Arbitrary File Overwrite (CVE-2019-1729)

A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. These file overwrites by the attacker are accomplished at the root...

Cisco FXOS and NX-OS Software Command Injection (CVE-2019-1782)

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI...

Cisco Nexus 3000 and 9000 Series CLI and Simple Network Management Protocol Polling Denial of Service (CVE-2018-0309)

A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol SNMP MIB for Cisco NX-OS in standalone NX-OS mode on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affecte...

Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure (CVE-2019-1734)

A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance...

Cisco NX-OS Software CLI Arbitrary Command Execution (CVE-2018-0306)

A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by...

Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to...

Cisco FXOS and NX-OS Software Command Injection (CVE-2019-1781)

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI...