Vulnslist

find the latest Cisco vulnerabilities

CVE-2019-12662

A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image.

SeverityMEDIUM
CVSS6.7
CWECWE-347
KEV
Published
Modified

Related Products

Product Advisory
Cisco RV Series Routers cisco-sa-20190925-vman
Cisco Nexus Dashboard cisco-sa-20190925-vman
Cisco MDS 9000 Family of Multilayer Switches cisco-sa-20190925-vman
Cisco IOS Software cisco-sa-20190925-vman
Cisco Nexus 9000 Series Switches cisco-sa-20190925-vman
Cisco Nexus 7000 Series Switches cisco-sa-20190925-vman
Cisco Nexus 6000 Series Switches cisco-sa-20190925-vman
Cisco Nexus 5000 Series Switches cisco-sa-20190925-vman
Cisco Nexus 3000 Series Switches cisco-sa-20190925-vman
Cisco Nexus 3000 Series Switch cisco-sa-20190925-vman
Cisco NX-OS Software cisco-sa-20190925-vman
Cisco IOS XE Software cisco-sa-20190925-vman
Cisco IOS cisco-sa-20190925-vman
Cisco Catalyst 9600 Series Switches cisco-sa-20190925-vman
Cisco Catalyst 9500 Series Switches cisco-sa-20190925-vman
Cisco Catalyst 9400 Series Switches cisco-sa-20190925-vman
Cisco Catalyst 9300 Series Switches cisco-sa-20190925-vman
Cisco Catalyst 9200 Series Switches cisco-sa-20190925-vman