2 matches found
Cisco NX-OS Software Remote Package Manager Command Injection Vulnerability (cisco-sa-20190515-nxos-rpm-injec)
According to its self-reported version, Cisco NX-OS Software is affected by following vulnerability - A vulnerability in the Remote Package Manager RPM subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check,...
CVE-2019-1732
Cisco NX-OS Software Remote Package Manager (RPM) is affected by a TOCTOU race in the RPM subsystem that can allow an authenticated local attacker with administrator credentials to corrupt variables and perform arbitrary command injection. The root cause is a lack of proper locking on critical va...