A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device.
Metrics
Affected Vendors & Products
References
History
Wed, 20 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2019-05-15T22:20:26.162102Z
Updated: 2024-11-20T17:19:07.317Z
Reserved: 2018-12-06T00:00:00
Link: CVE-2019-1812
Vulnrichment
Updated: 2024-08-04T18:28:42.875Z
NVD
Status : Modified
Published: 2019-05-15T23:29:01.277
Modified: 2024-11-21T04:37:26.070
Link: CVE-2019-1812
Redhat
No data.