{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T18:45:14.738","vulnerabilities":[{"cve":{"id":"CVE-2019-1729","sourceIdentifier":"psirt@cisco.com","published":"2019-05-15T17:29:01.657","lastModified":"2024-11-21T04:37:11.700","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. These file overwrites by the attacker are accomplished at the root privilege level. The vulnerability occurs because there is no verification of user-input parameters and or digital-signature verification for image files when using a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device and issuing a command at the CLI. Because an exploit could allow the attacker to overwrite any file on the disk, including system files, a denial of service (DoS) condition could occur. The attacker must have valid administrator credentials for the affected device to exploit this vulnerability."},{"lang":"es","value":"Una vulnerabilidad en la implementación de la CLI de un comando específico utilizado para el mantenimiento de imágenes del programa NX-OS de Cisco podría permitir que un atacante local identificado sobrescribiera cualquier archivo en el sistema de archivos, incluidos los archivos del sistema. Estos archivos sobrescritos por el atacante se realizan en el nivel de privilegio de tipo root. La vulnerabilidad se produce porque no hay comprobación de los parámetros de entrada del usuario ni comprobación de firma digital para los archivos de imagen cuando se usa un comando CLI específico. Un atacante podría explotar esta vulnerabilidad al identificarse en el dispositivo y emitir un comando en la CLI. Debido a que una vulnerabilidad podría permitir al atacante sobrescribir cualquier archivo en el disco, incluidos los archivos del sistema, podría ocurrir una condición de Denegación de Servicio (DoS). El atacante deber contar con credenciales de administrador válidas para que el dispositivo afectado ataque esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.2}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:C/A:C","baseScore":6.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":9.2,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-347"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*","versionEndExcluding":"7.0\\(3\\)i4\\(9\\)","matchCriteriaId":"92B576CF-5EAD-4830-A7B7-ACC434349691"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0\\(3\\)i7","versionEndExcluding":"7.0\\(3\\)i7\\(4\\)","matchCriteriaId":"EF06D835-FBE6-4866-B410-C2F66AEF68CD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*","matchCriteriaId":"10FFC5E8-CC5A-4D31-A63A-19E72EC442AB"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*","matchCriteriaId":"41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*","matchCriteriaId":"D14D4B4E-120E-4607-A4F1-447C7BF3052E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*","matchCriteriaId":"15702ACB-29F3-412D-8805-E107E0729E35"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*","matchCriteriaId":"32A532C0-B0E3-484A-B356-88970E7D0248"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*","matchCriteriaId":"43913A0E-50D5-47DD-94D8-DD3391633619"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*","matchCriteriaId":"A8E1073F-D374-4311-8F12-AD8C72FAA293"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*","matchCriteriaId":"10F80A72-AD54-4699-B8AE-82715F0B58E2"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*","matchCriteriaId":"9354B6A2-D7D6-442E-BF4C-FE8A336D9E94"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*","matchCriteriaId":"74CB4002-7636-4382-B33E-FBA060A13C34"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*","matchCriteriaId":"10CEBF73-3EE0-459A-86C5-F8F6243FE27C"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*","matchCriteriaId":"8EBEBA5B-5589-417B-BF3B-976083E9FE54"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*","matchCriteriaId":"532CE4B0-A3C9-4613-AAAF-727817D06FB4"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*","matchCriteriaId":"92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0\\(3\\)","versionEndExcluding":"7.0\\(3\\)f3\\(5\\)","matchCriteriaId":"96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*","matchCriteriaId":"95D2C4C3-65CE-4612-A027-AF70CEFC3233"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*","matchCriteriaId":"57572E4A-78D5-4D1A-938B-F05F01759612"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*","matchCriteriaId":"768BE390-5ED5-48A7-9E80-C4DE8BA979B1"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*","matchCriteriaId":"DDC2F709-AFBE-48EA-A3A2-DA1134534FB6"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*","matchCriteriaId":"7E02DC82-0D26-436F-BA64-73C958932B0A"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/108378","source":"psirt@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-file-write","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/108378","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-file-write","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}