CVE-2019-1589

Name of the Vulnerable Software and Affected Versions Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode (affected versions not specified)

Description The issue is related to the Trusted Platform Module (TPM) functionality, where a lack of proper data-protection mechanisms for disk encryption keys allows an attacker to view sensitive information. An unauthenticated, local attacker with physical access to the device could exploit this by obtaining access to the device to view certain cleartext keys. A successful exploit could allow the attacker to execute a custom boot process or conduct further attacks on the device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.