PT-2019-1572 · Cisco · Cisco NX-OS +1
Published: 2019-03-06 · Updated: 2020-10-08
CVE-2019-1591
CVSS v3.1: 7.8 (High)
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Cisco Nexus 9000 Series ACI Mode Switch Software versions prior to 14.0(3d)
Description
The issue is related to insufficient sanitization of user-supplied input when issuing a specific CLI command with parameters on an affected device. This could allow an authenticated, local attacker to escape a restricted shell and execute arbitrary commands with root-level privileges. The vulnerability is due to weaknesses in access restrictions to certain features in the Cisco NX-OS network operating system.
Recommendations
For versions prior to 14.0(3d), update to version 14.0(3d) or later to resolve the issue. As a temporary workaround, consider restricting access to the affected CLI commands until a patch is available. Avoid using parameters that could lead to exploitation of the vulnerability in the affected CLI commands.
Fix
OS Command Injection
Related identifiers
Affected products
Cisco NX-OS
Cisco Nexus 9000 Series