Cisco Event Response Page
Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication
-
The March 6, 2019, release of the Cisco FXOS and NX-OS Software Security Advisory Collection includes 25 Cisco Security Advisories that describe 26 vulnerabilities in Cisco FXOS Software and Cisco NX-OS Software. Cisco has released software updates that address these vulnerabilities.
Twenty-six of the vulnerabilities have a Security Impact Rating (SIR) of High. Successful exploitation of the vulnerabilities could allow an attacker to gain unauthorized access, gain elevated privileges, execute arbitrary commands, escape the restricted shell, bypass the system image verification checks, or cause a denial of service (DoS) condition on an affected device.
Three of the vulnerabilities affect both Cisco FXOS Software and Cisco NX-OS Software and the remaining vulnerabilities affect only Cisco NX-OS Software. Cisco has confirmed that none of the vulnerabilities affect Cisco IOS Software or Cisco IOS XE Software.
-
The following table identifies Cisco Security content that is associated with this Cisco FXOS and NX-OS Software Security Advisory Collection:
Cisco Security Advisory CVE ID Security Impact Rating CVSS Base Score Affected Cisco Platforms cisco-sa-20190306-nxosldap
Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service VulnerabilitiesCVE-2019-1597
CVE-2019-1598High 8.6 Firepower 4100 Series Next-Generation Firewalls
Firepower 9300 Security Appliance
MDS 9000 Series Multilayer Switches
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-20190306-nxos-pe
Cisco NX-OS Software Bash Shell Privilege Escalation VulnerabilityCVE-2019-1596High 7.8 Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20190306-nx-os-lan-auth
Cisco NX-OS Software 802.1X Extensible Authentication Protocol over LAN Denial of Service VulnerabilityCVE-2019-1594High 7.4 Nexus 1000V Switch for VMware vSphere
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
Nexus 9000 Series Switches in standalone NX-OS modecisco-sa-20190306-nx-os-bash-escal
Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation VulnerabilityCVE-2019-1593High 7.8 Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20190306-nxos-netstack
Cisco NX-OS Software Netstack Denial of Service VulnerabilityCVE-2019-1599High 8.6 Nexus 1000V Switch for Microsoft Hyper-V
Nexus 1000V Switch for VMware vSphere
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modules
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnects
UCS 6400 Series Fabric Interconnectscisco-sa-20190306-nx-os-api-ex
Cisco NX-OS Software NX-API Arbitrary Code Execution VulnerabilityCVE-2019-1605High 7.8 MDS 9000 Series Multilayer Switches
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20190306-nxos-cmdinj-1606
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1606)CVE-2019-1606High 5.3 Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 9000 Series Switches in standalone NX-OS modecisco-sa-20190306-nxos-cmdinj-1607
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1607)CVE-2019-1607High 4.2 Nexus 7000 Series Switches
Nexus 7700 Series Switchescisco-sa-20190306-nxos-cmdinj-1608
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1608)CVE-2019-1608High 4.2 MDS 9000 Series Multilayer Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switchescisco-sa-20190306-nxos-cmdinj-1609
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1609)CVE-2019-1609High 4.2 MDS 9000 Series Multilayer Switches
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20190306-nxos-cmdinj-1610
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1610)CVE-2019-1610High 4.2 Nexus 3000 Series Switches
Nexus 3500 Platform Switchescisco-sa-20190306-nxos-cmdinj-1611
Cisco FXOS and NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1611)CVE-2019-1611High 4.2 Firepower 4100 Series Next-Generation Firewalls
Firepower 9300 Security Appliance
MDS 9000 Series Multilayer Switches
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20190306-nxos-cmdinj-1612
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1612)CVE-2019-1612High 4.2 Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20190306-nxos-cmdinj-1613
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1613)CVE-2019-1613High 4.2 MDS 9000 Series Multilayer Switches
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20190306-aci-shell-escape
Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Shell Escape VulnerabilityCVE-2019-1591High 7.8 Nexus 9000 Series ACI Mode Switchescisco-sa-20190306-nxos-NXAPI-cmdinj
Cisco NX-OS Software NX-API Command Injection VulnerabilityCVE-2019-1614High 8.8 MDS 9000 Series Multilayer Switches
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS modecisco-sa-20190306-nxos-sig-verif
Cisco NX-OS Software Image Signature Verification VulnerabilityCVE-2019-1615High 6.7 Nexus 3000 Series Switches
Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20190306-nxos-directory
Cisco FXOS and NX-OS Software Unauthorized Directory Access VulnerabilityCVE-2019-1600High 6.7 Firepower 4100 Series Next-Generation Firewalls
Firepower 9300 Security Appliance
MDS 9000 Series Multilayer Switches
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20190306-nxos-npv-dos
Cisco Nexus 9000 Series Switches Standalone NX-OS Mode Fibre Channel over Ethernet NPV Denial of Service VulnerabilityCVE-2019-1617High 7.4 Nexus 9000 Series Switches in standalone NX-OS modecisco-sa-20190306-nxos-fabric-dos
Cisco NX-OS Software Cisco Fabric Services Denial of Service VulnerabilityCVE-2019-1616High 8.6 MDS 9000 Series Multilayer Switches
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modules
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnects
UCS 6400 Series Fabric Interconnectscisco-sa-20190306-nxos-file-access
Cisco NX-OS Software Unauthorized Filesystem Access VulnerabilityCVE-2019-1601High 7.8 MDS 9000 Series Multilayer Switches
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 2000 Series Fabric Extenders
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20190306-nxos-escalation
Cisco NX-OS Software Privilege Escalation VulnerabilityCVE-2019-1602High 7.8 Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20190306-nxos-privesc
Cisco NX-OS Software Privilege Escalation VulnerabilityCVE-2019-1603High 7.8 Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20190306-nxos-privesca
Cisco NX-OS Software Privilege Escalation VulnerabilityCVE-2019-1604High 7.3 Nexus 3000 Series Switches
Nexus 3500 Series Switches
Nexus 3600 Platform Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20190306-tetra-ace
Cisco Nexus 9000 Series Switches Standalone NX-OS Mode Tetration Analytics Agent Arbitrary Code Execution VulnerabilityCVE-2019-1618High 7.8 Nexus 9000 Series Switches in standalone NX-OS mode
Related Resources
Cisco Security Vulnerability Policy
MITRE Common Vulnerabilities and Exposures
Common Vulnerability Scoring System and the Security Impact Rating
Common Vulnerability Scoring System Q & A