{"schema_version":"public-product-v1.1","generated_at":"2026-06-10T07:41:21Z","exposure_verdict":"not_assessed","verdict_reason":"Public evidence does not evaluate exact release, platform, enabled features, configuration, compensating controls, or live exposure.","cve":{"id":"CVE-2019-1733","description":"A vulnerability in the NX API (NX-API) Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the NX-API Sandbox interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the NX-API Sandbox interface. An attacker could exploit this vulnerability by persuading a user of the NX-API Sandbox interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected NX-API Sandbox interface.","severity":"MEDIUM","kev":false,"epss":{"score":0.00311,"percentile":0.54399,"score_date":"2026-05-19","updated_at":"2026-05-20T02:10:44Z"},"cvss_score":5.4,"cvss_source":"NVD","cwe":"CWE-79","published_at":"2019-05-15T17:29:01Z","modified_at":"2024-11-21T04:37:12Z"},"freshness":{"last_source_refreshed_at":"2026-05-26T00:00:03Z","latest_source_refresh_at":"2026-05-26T00:00:03Z","oldest_source_refresh_at":"2026-05-22T00:16:33Z","all_sources_fresh":false,"sources":[{"source":"cisco_advisories","label":"Cisco advisories","last_success_at":"2026-05-26T00:00:03Z","stale":true},{"source":"cisco_csaf","label":"Cisco CSAF","last_success_at":"2026-05-25T03:03:26Z","stale":true},{"source":"nvd_cves","label":"NVD CVEs","last_success_at":"2026-05-22T00:16:33Z","stale":true},{"source":"cisa_kev","label":"CISA KEV","last_success_at":"2026-05-22T00:16:34Z","stale":true},{"source":"first_epss","label":"EPSS","last_success_at":"2026-05-22T00:16:40Z","stale":true}]},"summary":{"advisory_count":1,"visible_product_count":2,"public_evidence_count":2,"kev":false,"cvss_score":5.4},"advisories":[{"id":"cisco-sa-20190515-nxos-nxapi-xss","slug":"cisco-sa-20190515-nxos-nxapi-xss","title":"Cisco NX-OS Software NX-API Sandbox Cross-Site Scripting Vulnerability","source_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-nxapi-xss"}],"public_evidence":[{"product":{"name":"Cisco NX-OS Software","slug":"cisco-nx-os-software","vendor":"Cisco"},"advisory":{"id":"cisco-sa-20190515-nxos-nxapi-xss","slug":"cisco-sa-20190515-nxos-nxapi-xss","title":"Cisco NX-OS Software NX-API Sandbox Cross-Site Scripting Vulnerability","source_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-nxapi-xss"},"evidence_type":"structured_affected","evidence_label":{"scope":"CSAF product evidence","label":"product_status known affected"},"evidence_source":"Cisco CSAF","source":"Cisco CSAF","source_document_fetched_at":"2026-05-19T19:57:55Z","csaf_status":"known_affected","csaf_product_status":"known_affected","csaf_product_status_path":"vulnerabilities[].product_status.known_affected","raw_product_name":"7.0(0)N1(1); 7.0(1)N1(1); 7.0(1)N1(3); 7.0(2)I2(2c); 7.0(2)N1(1); 7.0(2)N1(1a); 7.0(3)F1(1); 7.0(3)F2(1); 7.0(3)F2(2); 7.0(3)F3(1); 7.0(3)F3(2); 7.0(3)F3(3); 7.0(3)F3(3a); 7.0(3)F3(3b); 7.0(3)F3(3c); 7.0(3)F3(4); 7.0(3)F3(5); 7.0(3)I1(1); 7.0(3)I1(1a); 7.0(3)I1(1b); 7.0(3)I1(2); 7.0(3)I1(3); 7.0(3)I1(3a); 7.0(3)I1(3b); 7.0(3)I2(1); 7.0(3)I2(1a); 7.0(3)I2(2); 7.0(3)I2(2a); 7.0(3)I2(2b); 7.0(3)I2(2c); 7.0(3)I2(2d); 7.0(3)I2(2e); 7.0(3)I2(3); 7.0(3)I2(4); 7.0(3)I2(5); 7.0(3)I3(1); 7.0(3)I4(1); 7.0(3)I4(2); 7.0(3)I4(3); 7.0(3)I4(4); 7.0(3)I4(8)","exposure_verdict":"not_assessed","verdict_reason":"Public evidence does not evaluate exact release, platform, enabled features, configuration, compensating controls, or live exposure.","exposure_verdict_reason":"Public evidence does not evaluate exact release, platform, enabled features, configuration, compensating controls, or live exposure.","kev":false,"epss":{"score":0.00311,"score_date":"2026-05-19","updated_at":"2026-05-20T02:10:44Z"},"cvss_score":5.4,"cvss_source":"NVD","published_at":"2019-05-15T16:00:00Z","updated_at":"2019-05-15T16:00:00Z","advisory_updated_at":"2019-05-15T16:00:00Z","source_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-nxapi-xss","remediation":{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-nxapi-xss"},"row_display_order":1},{"product":{"name":"Cisco Adaptive Security Appliance (ASA) Software","slug":"cisco-adaptive-security-appliance-asa-software","vendor":"Cisco"},"advisory":{"id":"cisco-sa-20190515-nxos-nxapi-xss","slug":"cisco-sa-20190515-nxos-nxapi-xss","title":"Cisco NX-OS Software NX-API Sandbox Cross-Site Scripting Vulnerability","source_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-nxapi-xss"},"evidence_type":"structured_affected","evidence_label":{"scope":"CSAF product evidence","label":"product_status known affected"},"evidence_source":"Cisco CSAF","source":"Cisco CSAF","source_document_fetched_at":"2026-05-19T19:57:55Z","csaf_status":"known_affected","csaf_product_status":"known_affected","csaf_product_status_path":"vulnerabilities[].product_status.known_affected","raw_product_name":"7.0(3)","exposure_verdict":"not_assessed","verdict_reason":"Public evidence does not evaluate exact release, platform, enabled features, configuration, compensating controls, or live exposure.","exposure_verdict_reason":"Public evidence does not evaluate exact release, platform, enabled features, configuration, compensating controls, or live exposure.","kev":false,"epss":{"score":0.00311,"score_date":"2026-05-19","updated_at":"2026-05-20T02:10:44Z"},"cvss_score":5.4,"cvss_source":"NVD","published_at":"2019-05-15T16:00:00Z","updated_at":"2019-05-15T16:00:00Z","advisory_updated_at":"2019-05-15T16:00:00Z","source_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-nxapi-xss","remediation":{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-nxapi-xss"},"row_display_order":2}]}