CVE-2019-1592

Name of the Vulnerable Software and Affected Versions Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software (affected versions not specified)

Description The issue is related to insufficient validation of user-supplied files, allowing an authenticated, local attacker to gain elevated privileges as root on an affected device. An attacker could exploit this by logging in to the CLI of the affected device and creating a crafted file in a specific directory on the filesystem, potentially executing arbitrary operating system commands as root.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.