漏洞标题
Cisco Nexus 3000系列和9000系列交换机在NX-OS模式CLI命令软件映像签名验证漏洞
漏洞描述信息
Cisco Nexus 3000系列和9000系列交换机在NX-OS模式下的CLI命令软件映像签名验证漏洞
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Cisco Nexus 3000 Series and 9000 Series Switches in NX-OS Mode CLI Command Software Image Signature Verification Vulnerability
漏洞描述信息
A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco Nexus 3000 Series and 9000 Series Switches could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device. Note: If the device has not been patched for the vulnerability previously disclosed in the Cisco Security Advisory cisco-sa-20190306-nxos-sig-verif, a successful exploit could allow the attacker to boot a malicious software image.
CVSS信息
N/A
漏洞类别
密码学签名的验证不恰当
漏洞标题
Cisco Nexus 3000 Series和9000 Series Switches 数据伪造问题漏洞
漏洞描述信息
Cisco Nexus 3000 Series Switches和Cisco Nexus 9000 Series Switches都是美国思科(Cisco)公司的产品。Cisco Nexus 3000 Series Switches是一款3000系列交换机。Cisco Nexus 9000 Series Switches是一款9000系列交换机。 Cisco Nexus 3000 Series和9000 Series Switches中的Image Signature Verification功能(用在N
CVSS信息
N/A
漏洞类别
授权问题