Cisco · Cisco Nexus 9000 Series Fabric Switches · CVE-2019-1588
**Name of the Vulnerable Software and Affected Versions**
Cisco Nexus 9000 Series Fabric Switches versions prior to 14.0(1h)
**Description**
The issue is related to a lack of proper input and validation checking mechanisms of user-supplied input sent to an affected device. This could allow an authenticated, local attacker to read arbitrary files on the device. A successful exploit could result in unauthorized access to read arbitrary files.
**Recommendations**
For versions prior to 14.0(1h), update to version 14.0(1h) or later to resolve the issue. As a temporary workaround, consider restricting access to the device to minimize the risk of exploitation.