CVE-2019-1588

Name of the Vulnerable Software and Affected Versions Cisco Nexus 9000 Series Fabric Switches versions prior to 14.0(1h)

Description The issue is related to a lack of proper input and validation checking mechanisms of user-supplied input sent to an affected device. This could allow an authenticated, local attacker to read arbitrary files on the device. A successful exploit could result in unauthorized access to read arbitrary files.

Recommendations For versions prior to 14.0(1h), update to version 14.0(1h) or later to resolve the issue. As a temporary workaround, consider restricting access to the device to minimize the risk of exploitation.