A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected device. A successful exploit could allow an attacker to perform code execution on a crafted software OVA image.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
55
Affected Products
2
References
cisco / ios_xe
| cisco | nx-os | - | - |
| cisco | nx-os | - | - |
| cisco | nx-os | - | - |
| cisco | nexus_3016_firmware | - | - |
| cisco | nexus_3048_firmware | - | - |
| cisco | nexus_3064_firmware | - | - |
| cisco | nexus_3064-t_firmware | - | - |
| cisco | nexus_31108pc-v_firmware | - | - |
| cisco | nexus_31108tc-v_firmware | - | - |
| cisco | nexus_31128pq_firmware | - | - |
| cisco | nexus_3132c-z_firmware | - | - |
| cisco | nexus_3132q_firmware | - | - |
| cisco | nexus_3132q-v_firmware | - | - |
| cisco | nexus_3132q-xl_firmware | - | - |
| cisco | nexus_3164q_firmware | - | - |
| cisco | nexus_3172_firmware | - | - |
| cisco | nexus_3172pq-xl_firmware | - | - |
| cisco | nexus_3172tq_firmware | - | - |
| cisco | nexus_3172tq-32t_firmware | - | - |
| cisco | nexus_3172tq-xl_firmware | - | - |
| cisco | nexus_3232c_firmware | - | - |
| cisco | nexus_3264c-e_firmware | - | - |
| cisco | nexus_3264q_firmware | - | - |
| cisco | nexus_3408-s_firmware | - | - |
| cisco | nexus_34180yc_firmware | - | - |
| cisco | nexus_34200yc-sm_firmware | - | - |
| cisco | nexus_3432d-s_firmware | - | - |
| cisco | nexus_3464c_firmware | - | - |
| cisco | nexus_3524_firmware | - | - |
| cisco | nexus_3524-x_firmware | - | - |
| cisco | nexus_3524-xl_firmware | - | - |
| cisco | nexus_3548_firmware | - | - |
| cisco | nexus_3548-x_firmware | - | - |
| cisco | nexus_3548-xl_firmware | - | - |
| cisco | nexus_5548p_firmware | - | - |
| cisco | nexus_5548up_firmware | - | - |
| cisco | nexus_5596t_firmware | - | - |
| cisco | nexus_5596up_firmware | - | - |
| cisco | nexus_56128p_firmware | - | - |
| cisco | nexus_5624q_firmware | - | - |
| cisco | nexus_5648q_firmware | - | - |
| cisco | nexus_5672up_firmware | - | - |
| cisco | nexus_5696q_firmware | - | - |
| cisco | nexus_6001_firmware | - | - |
| cisco | nexus_6004_firmware | - | - |
| cisco | nexus_7000_10-slot_firmware | - | - |
| cisco | nexus_7000_18-slot_firmware | - | - |
| cisco | nexus_7000_4-slot_firmware | - | - |
| cisco | nexus_7000_9-slot_firmware | - | - |
| cisco | nexus_7700_10-slot_firmware | - | - |
| cisco | nexus_7700_18-slot_firmware | - | - |
| cisco | nexus_7700_2-slot_firmware | - | - |
| cisco | nexus_7700_6-slot_firmware | - | - |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability
Impact