CVE-2019-1729

Name of the Vulnerable Software and Affected Versions Cisco NX-OS Software (affected versions not specified)

Description A vulnerability in the CLI implementation of a specific command used for image maintenance could allow an authenticated, local attacker to overwrite any file on the file system, including system files, at the root privilege level. This occurs due to the lack of verification of user-input parameters and digital-signature verification for image files when using a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device and issuing a command at the CLI, potentially leading to a denial of service (DoS) condition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.