CVE-2019-1780

Name of the Vulnerable Software and Affected Versions Cisco NX-OS versions prior to 8.3(1) Cisco FX-OS (affected versions not specified)

Description The issue is related to insufficient validation of arguments passed to certain CLI commands, which could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. An attacker could exploit this by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges.

Recommendations For Cisco NX-OS versions prior to 8.3(1), update to version 8.3(1) or later to resolve the issue. For Cisco FX-OS, at the moment, there is no information about a newer version that contains a fix for this vulnerability.