PT-2019-2367 · Cisco · Cisco Nx-Os+1
Published: 2019-05-15 · Updated: 2020-10-16
CVE-2019-1727
CVSS v2.0: 7.2 (High)
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Cisco NX-OS Software (affected versions not specified)
Description
The issue is related to insufficient sanitization of user-supplied parameters passed to certain Python functions in the scripting sandbox, allowing an authenticated, local attacker to escape the Python parser and execute arbitrary commands to elevate their privilege level. The attacker must have local access and be authenticated to the targeted device with administrative or Python execution privileges.
Recommendations
To resolve the issue, update to a version of Cisco NX-OS Software that includes the fix for this vulnerability.
As a temporary workaround, consider restricting access to the Python scripting subsystem to minimize the risk of exploitation.
Restrict access to the scripting sandbox to limit the possibility of a successful exploit.
Avoid using the vulnerable Python functions in the scripting sandbox until the issue is resolved.
Fix
OS Command Injection
Related Identifiers
Affected Products
Cisco Nx-Os
Cisco Nexus