CVE-2019-1778

CVE-2019-1778 affects Cisco NX-OS Software CLI. A vulnerable component is CLI argument handling, allowing an authenticated local attacker with administrator credentials to inject and execute arbitrary commands on the underlying Linux OS with root privileges. Impact is elevated command execution (...

CVE-2019-1774

Cisco NX-OS Software command injection vulnerability (CVE-2019-1774) affects the CLI; an authenticated, local attacker can exploit insufficient validation of CLI arguments to execute arbitrary commands on the underlying operating system with elevated privileges, requiring administrator credential...

CVE-2019-1775 Cisco NX-OS Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker cou...

CVE-2019-1775

Cisco NX-OS Software Command Injection vulnerability CVE-2019-1775 affects the CLI of Cisco NX-OS, where an authenticated local attacker can pass malicious CLI arguments to cause arbitrary commands to run on the underlying OS with elevated privileges. Exploitation requires valid administrator cre...

CVE-2019-1776

CVE-2019-1776 affects Cisco NX-OS Software, where the CLI passes arguments to a specific command without proper validation. The issue allows an authenticated, local attacker with administrator credentials to run arbitrary commands on the underlying Linux OS with root privileges. The vulnerability...

CVE-2019-1776 Cisco NX-OS Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command ...

CVE-2019-1767

A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with...

Input validation

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI...

CVE-2019-1770 Cisco NX-OS Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments...

CVE-2019-1770

CVE-2019-1770 describes a vulnerability in the CLI of Cisco NX-OS Software where an authenticated local attacker with administrator credentials can exploit insufficient validation of arguments to a specific CLI command to execute arbitrary commands on the underlying Linux OS with root privileges....

CVE-2019-1769 Cisco NX-OS Software Line Card Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system of an attached line card with the privilege level of root. The vulnerability is due to insufficient...

CVE-2019-1769

CVE-2019-1769 affects Cisco NX-OS Software via a Line Card CLI injection vulnerability. An authenticated, local attacker with administrator credentials can exploit insufficient validation of arguments passed to a specific CLI command to execute arbitrary commands on the underlying Linux OS of an ...

CVE-2019-1735 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI...

CVE-2019-1735 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI...

CVE-2019-1735

CVE-2019-1735 affects Cisco NX-OS Software CLI. The issue is caused by insufficient validation of arguments passed to certain CLI commands, allowing an authenticated, local attacker to supply malicious input and execute arbitrary commands on the underlying Linux OS with elevated privileges. An at...

CVE-2019-1726

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An...

CVE-2019-1729

A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. These file overwrites by the attacker are accomplished at the root...

CVE-2019-1731

A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The...

CVE-2019-1730

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must...

Design/Logic Flaw

A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. These file overwrites by the attacker are accomplished at the root...