CVE-2019-1781

Name of the Vulnerable Software and Affected Versions Cisco FXOS Software versions prior to the fixed version Cisco NX-OS Software versions prior to the fixed version

Description The issue is related to insufficient validation of arguments passed to certain CLI commands, which could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this issue. The attacker could exploit this by including malicious input as the argument of an affected command.

Recommendations For Cisco FXOS Software, update to a version that includes the fix for this issue. For Cisco NX-OS Software, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the CLI commands that are vulnerable to this issue until a patch is available. Avoid using malicious input as arguments for CLI commands until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.