CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2019/05/15 5:29 p.m.•18 views

Design/Logic Flaw

A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The...

2.1CVSS4.7AI score0.00354EPSS

Prion•added 2019/05/15 5:29 p.m.•17 views

Race condition

A vulnerability in the Remote Package Manager RPM subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use TOCTOU race condition to corrupt local variables, which could lead to arbitrary command injectio...

6.9CVSS6.7AI score0.00357EPSS

Exploits0References2Affected Software2

Vulnrichment•added 2019/05/15 4:50 p.m.•11 views

CVE-2019-1730 Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must...

6CVSS7.1AI score0.00398EPSS

CVE•added 2019/05/15 4:50 p.m.•55 views

CVE-2019-1730

Cisco NX-OS Software contains a Bash bypass vulnerability (CVE-2019-1730) where the Bash shell invocation in the restricted Guest Shell can be exploited by an authenticated, local attacker to run commands at the network-admin level outside the Guest Shell. The root cause is the incorrect implemen...

7.2CVSS6.4AI score0.00398EPSS

Cvelist•added 2019/05/15 4:50 p.m.•28 views

CVE-2019-1731 Cisco NX-OS Software SSH Key Information Disclosure Vulnerability

5.1CVSS4.6AI score0.00354EPSS

Vulnrichment•added 2019/05/15 4:45 p.m.•9 views

CVE-2019-1729 Cisco NX-OS Software Arbitrary File Overwrite Vulnerability

A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. These file overwrites by the attacker are accomplished at the root...

6.7CVSS6.8AI score0.00227EPSS

CVE•added 2019/05/15 4:45 p.m.•63 views

CVE-2019-1729

CVE-2019-1729 affects Cisco NX-OS Software. A vulnerability in the CLI built for image maintenance allows an authenticated, local attacker to overwrite any file on the file system (including system files) due to lack of verification of user-input parameters and image-signature checks. Exploitatio...

6.7CVSS6AI score0.00227EPSS

Cvelist•added 2019/05/15 4:40 p.m.•19 views

CVE-2019-1726 Cisco NX-OS Software CLI Bypass to Internal Service Vulnerability

5.3CVSS7.5AI score0.00423EPSS

Vulnrichment•added 2019/05/15 4:40 p.m.•9 views

CVE-2019-1726 Cisco NX-OS Software CLI Bypass to Internal Service Vulnerability

5.3CVSS6.6AI score0.00423EPSS

CVE•added 2019/05/15 4:40 p.m.•65 views

CVE-2019-1726

Cisco NX-OS Software CLI bypass (CVE-2019-1726) is verified in multiple sources as a vulnerability where an authenticated, local attacker could bypass restrictions by supplying crafted arguments to a CLI command, potentially gaining access to internal services such as NX-API. Root cause is insuff...

7.8CVSS6.1AI score0.00423EPSS

Prion•added 2019/05/15 4:29 p.m.•15 views

Command injection

Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an OS command injection vulnerability in the installation feature of Boxmgmt CLI. A malicious boxmgmt user may potentially be able to execute arbitrary commands as root...

7.2CVSS7.1AI score0.00657EPSS

Exploits0References2Affected Software2

NVD•added 2019/05/15 4:29 p.m.•20 views

CVE-2019-3727

7.2CVSS6.9AI score0.00657EPSS

Cisco•added 2019/05/15 4:0 p.m.•97 views

Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability

6CVSS6.4AI score0.00398EPSS

Cisco•added 2019/05/15 4:0 p.m.•27 views

Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities

Multiple vulnerabilities in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary...

6.7CVSS7.4AI score

Cisco•added 2019/05/15 4:0 p.m.•63 views

Cisco Nexus 3000 Series and 9000 Series Switches in NX-OS Mode CLI Command Software Image Signature Verification Vulnerability

A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco Nexus 3000 Series and 9000 Series Switches could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The...

6.7CVSS2.4AI score0.00263EPSS

Cisco•added 2019/05/15 4:0 p.m.•75 views

Cisco NX-OS Software SSH Key Information Disclosure Vulnerability

5.1CVSS4.7AI score0.00354EPSS

Cisco•added 2019/05/15 4:0 p.m.•35 views

Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability

A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance...

5.5CVSS5.4AI score0.00309EPSS

Cisco•added 2019/05/15 4:0 p.m.•51 views

Cisco NX-OS Software Arbitrary File Overwrite Vulnerability

6.7CVSS6.1AI score0.00227EPSS

Cisco•added 2019/05/15 4:0 p.m.•90 views

Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to...

4.2CVSS2.6AI score0.00543EPSS