CVE-2019-1755

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software (affected versions not specified)

Description The issue exists due to insufficient input validation in the Web Services Management Agent (WSMA) component of Cisco IOS XE Software. This allows a remote attacker to execute arbitrary commands by sending specially crafted HTTP requests. The vulnerability occurs because the affected software improperly sanitizes user-supplied input, potentially leading to the execution of arbitrary Cisco IOS commands as a privilege level 15 user.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.