CVE-2019-1779

Name of the Vulnerable Software and Affected Versions Cisco FXOS Software and Cisco NX-OS Software (affected versions not specified)

Description A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid device credentials to exploit this vulnerability.

Recommendations For Cisco FXOS Software and Cisco NX-OS Software, update to a version that includes the software updates released by Cisco to address this vulnerability. At the moment, there is no information about specific versions that contain a fix for this vulnerability, but applying the software updates from Cisco is recommended.